Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-1831
2025-03-02
MEDIUM
6.3
A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is the function GetDBUser of…
CVE-2025-1832
2025-03-02
MEDIUM
6.3
A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this vulnerability is the function…
CVE-2025-1833
2025-03-02
MEDIUM
6.3
A vulnerability, which was classified as critical, has been found in zj1983 zz up to 2024-8. Affected by this issue…
CVE-2025-1834
2025-03-02
MEDIUM
6.3
A vulnerability, which was classified as critical, was found in zj1983 zz up to 2024-8. This affects an unknown part…
CVE-2025-37899
2025-05-20
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can…
CVE-2023-42926
2023-12-12
HIGH
7.8
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a…
CVE-2025-2704
2025-04-02
HIGH
7.5
OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by…
CVE-2024-13591
2025-02-19
MEDIUM
6.4
The Team Builder For WPBakery Page Builder(Formerly Visual Composer) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…
CVE-2024-13592
2025-02-19
HIGH
7.5
The Team Builder For WPBakery Page Builder(Formerly Visual Composer) plugin for WordPress is vulnerable to Local File Inclusion in all…
CVE-2024-13402
2025-02-27
MEDIUM
6.4
The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link_title’ parameter in all versions up…
CVE-2024-12723
2025-01-28
MEDIUM
6.1
The Infility Global WordPress plugin through 2.9.8 does not sanitise and escape a parameter before outputting it back in the…
CVE-2024-57587
2025-01-31
CRITICAL
9.1
Multiple SQL injection vulnerabilities in EasyVirt DCScope
CVE-2024-55062
2025-01-31
CRITICAL
9.8
Code Injection vulnerability in EasyVirt DCScope
CVE-2024-53357
2025-01-31
HIGH
7.5
Multiple SQL injection vulnerabilities in EasyVirt DCScope
CVE-2025-48708
2025-05-23
MEDIUM
4.0
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes…
CVE-2024-54852
2025-01-29
CRITICAL
9.8
When LDAP connection is activated in Teedy versions between 1.9 to 1.12, the username field of the login form is…
CVE-2025-4810
2025-05-16
HIGH
8.8
A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the…
CVE-2025-4809
2025-05-16
HIGH
8.8
A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function fromSafeSetMacFilter of…
CVE-2025-4851
2025-05-18
MEDIUM
6.3
A vulnerability classified as critical was found in TOTOLINK N300RH 6.1c.1390_B20191101. This vulnerability affects the function setUploadUserData of the file…
CVE-2025-4850
2025-05-18
MEDIUM
6.3
A vulnerability classified as critical has been found in TOTOLINK N300RH 6.1c.1390_B20191101. This affects the function setUnloadUserData of the file…
CVE-2025-4849
2025-05-18
MEDIUM
6.3
A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been rated as critical. Affected by this issue is the…
CVE-2025-45862
2025-05-20
MEDIUM
6.5
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the interfacenameds parameter in the formDhcpv6s interface.
CVE-2025-45513
2025-05-09
CRITICAL
9.8
Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter.
CVE-2024-26952
2024-05-01
HIGH
7.8
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I…
CVE-2023-44466
2023-09-29
HIGH
8.8
An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to…
CVE-2024-27018
2024-05-01
HIGH
7.8
In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: skip conntrack input hook for promisc packets For…
CVE-2022-48735
2024-06-20
HIGH
7.8
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding…
CVE-2024-36477
2024-06-21
HIGH
7.8
In the Linux kernel, the following vulnerability has been resolved: tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer…
CVE-2025-22149
2025-01-09
N/A
0.0
JWK Set (JSON Web Key Set) is a JWK and JWK Set Go implementation. Prior to 0.6.0, the project's provided…
CVE-2025-44176
2025-05-12
MEDIUM
6.5
Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function.
CVE-2025-45858
2025-05-13
CRITICAL
9.8
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability via the FUN_00459fdc function.
CVE-2025-3757
2025-05-13
CRITICAL
9.8
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature…
CVE-2025-45863
2025-05-13
CRITICAL
9.8
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice interface.
CVE-2024-13382
2025-05-15
MEDIUM
4.8
The Calculated Fields Form WordPress plugin before 5.2.64 does not sanitise and escape some of its settings, which could allow…
CVE-2024-13729
2025-05-15
MEDIUM
4.8
The Podlove Podcast Publisher WordPress plugin before 4.1.24 does not sanitise and escape some of its settings, which could allow…
CVE-2024-13730
2025-05-15
MEDIUM
4.8
The Podlove Podcast Publisher WordPress plugin before 4.2.1 does not sanitise and escape some of its settings, which could allow…
CVE-2022-3559
2022-10-17
MEDIUM
4.6
A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex…
CVE-2022-3620
2022-10-20
MEDIUM
5.6
A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c…
CVE-2025-4540
2025-05-11
HIGH
7.0
A vulnerability was found in MTSoftware C-Lodop 6.6.1.1 on Windows. It has been rated as critical. This issue affects some…
CVE-2024-12586
2025-02-13
MEDIUM
6.1
The Chalet-Montagne.com Tools WordPress plugin through 2.7.8 does not sanitise and escape a parameter before outputting it back in the…
CVE-2025-25523
2025-02-11
MEDIUM
5.9
Buffer overflow vulnerability in Trendnet TEG-40128 Web Smart Switch v1(1.00.023) due to the lack of length verification, which is related…
CVE-2025-24607
2025-02-14
MEDIUM
5.8
Missing Authorization vulnerability in Northern Beaches Websites IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects IdeaPush:…
CVE-2025-22284
2025-02-16
HIGH
7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology LTL Freight Quotes – Unishippers Edition allows…
CVE-2025-22289
2025-02-16
MEDIUM
6.5
Missing Authorization vulnerability in NotFound LTL Freight Quotes – Unishippers Edition allows Exploiting Incorrectly Configured Access Control Security Levels. This…
CVE-2025-26767
2025-02-16
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Qubely – Advanced Gutenberg Blocks allows Stored…
CVE-2021-21350
2021-03-23
MEDIUM
5.3
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is…
CVE-2021-21349
2021-03-23
MEDIUM
6.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is…
CVE-2021-21348
2021-03-23
MEDIUM
5.3
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is…
CVE-2021-21347
2021-03-23
MEDIUM
6.1
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is…
CVE-2025-0924
2025-02-17
HIGH
7.2
The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘message’ parameter in all versions…
« Anterior
Página 372 de 3517
Siguiente »
Page load link
Go to Top
