CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2021-21346 | 2021-03-23 | MEDIUM | 6.1 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is… |
| CVE-2021-21345 | 2021-03-23 | MEDIUM | 5.8 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is… |
| CVE-2021-21344 | 2021-03-23 | MEDIUM | 5.3 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is… |
| CVE-2024-13626 | 2025-02-17 | HIGH | 7.1 | The VR-Frases (collect & share quotes) WordPress plugin through 3.0.1 does not sanitise and escape a parameter before outputting it… |
| CVE-2021-21343 | 2021-03-23 | MEDIUM | 5.3 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is… |
| CVE-2021-21342 | 2021-03-23 | MEDIUM | 5.3 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is… |
| CVE-2021-21341 | 2021-03-23 | HIGH | 7.5 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is… |
| CVE-2024-13627 | 2025-02-17 | MEDIUM | 4.7 | The OWL Carousel Slider WordPress plugin through 2.2 does not sanitise and escape a parameter before outputting it back in… |
| CVE-2021-21351 | 2021-03-23 | MEDIUM | 5.4 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is… |
| CVE-2024-13356 | 2025-02-04 | MEDIUM | 6.5 | The DSGVO All in one for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up… |
| CVE-2024-13733 | 2025-02-04 | MEDIUM | 6.4 | The SKT Blocks – Gutenberg based Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's… |
| CVE-2025-24804 | 2025-02-05 | MEDIUM | 4.3 | Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. According to… |
| CVE-2025-24805 | 2025-02-05 | MEDIUM | 5.5 | Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. A local… |
| CVE-2020-26217 | 2020-11-16 | HIGH | 8.0 | XStream before version 1.4.14 is vulnerable to Remote Code Execution. The vulnerability may allow a remote attacker to run arbitrary shell… |
| CVE-2020-26259 | 2020-12-16 | MEDIUM | 6.8 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, is vulnerable… |
| CVE-2021-43859 | 2022-02-01 | HIGH | 7.5 | XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may… |
| CVE-2020-26258 | 2020-12-16 | MEDIUM | 6.3 | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side… |
| CVE-2021-39139 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2021-39141 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2021-39145 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2021-39147 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2022-40151 | 2022-09-16 | MEDIUM | 6.5 | Those using Xstream to serialize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is… |
| CVE-2022-40152 | 2022-09-16 | MEDIUM | 6.5 | Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is… |
| CVE-2022-41966 | 2022-12-28 | HIGH | 8.2 | XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate… |
| CVE-2021-39140 | 2021-08-23 | MEDIUM | 6.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2021-39153 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2021-39149 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2021-39151 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2021-39144 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2025-0522 | 2025-02-06 | MEDIUM | 4.7 | The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is missing sanitisation as well… |
| CVE-2021-39146 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2021-39148 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2021-39150 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2021-39152 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2021-39154 | 2021-08-23 | HIGH | 8.5 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow… |
| CVE-2022-45064 | 2023-04-13 | HIGH | 8.0 | The SlingRequestDispatcher doesn't correctly implement the RequestDispatcher API resulting in a generic type of include-based cross-site scripting issues on the… |
| CVE-2022-30550 | 2022-07-17 | HIGH | 8.8 | An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries… |
| CVE-2024-13352 | 2025-02-07 | HIGH | 7.1 | The Legull WordPress plugin through 1.2.2 does not sanitise and escape a parameter before outputting it back in the page,… |
| CVE-2024-13492 | 2025-02-07 | MEDIUM | 6.1 | The Guten Free Options WordPress plugin through 0.9.5 does not sanitise and escape a parameter before outputting it back in… |
| CVE-2024-55416 | 2025-01-30 | LOW | 3.5 | DevDojo Voyager through version 1.8.0 is vulnerable to reflected XSS via /admin/compass. By manipulating an authenticated user to click on… |
| CVE-2024-55417 | 2025-01-30 | MEDIUM | 4.3 | DevDojo Voyager through version 1.8.0 is vulnerable to bypassing the file type verification when an authenticated user uploads a file… |
| CVE-2025-5099 | 2025-05-23 | CRITICAL | 9.8 | An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory… |
| CVE-2025-5098 | 2025-05-23 | CRITICAL | 9.1 | PrinterShare Android application allows the capture of Gmail authentication tokens that can be reused to access a user's Gmail account… |
| CVE-2025-45472 | 2025-05-22 | HIGH | 8.8 | Insecure permissions in autodeploy-layer v1.2.0 allows attackers to escalate privileges and compromise the customer cloud account. |
| CVE-2025-0470 | 2025-01-31 | MEDIUM | 6.1 | The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site… |
| CVE-2025-0493 | 2025-01-31 | CRITICAL | 9.8 | The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Limited Local File Inclusion in… |
| CVE-2024-13100 | 2025-01-31 | MEDIUM | 6.1 | The OPSI Israel Domestic Shipments WordPress plugin through 2.6.3 does not sanitise and escape a parameter before outputting it back… |
| CVE-2024-12872 | 2025-01-31 | MEDIUM | 4.8 | The Zalomení WordPress plugin through 1.5 does not sanitise and escape some of its settings, which could allow high privilege… |
| CVE-2024-53582 | 2025-01-31 | HIGH | 7.5 | An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4 allows attackers to… |
| CVE-2024-53584 | 2025-01-31 | CRITICAL | 9.8 | OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter. |