Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-8443
2025-08-01
HIGH
7.3
A vulnerability was found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this issue is some…
CVE-2025-6398
2025-08-01
N/A
0.0
A null pointer dereference vulnerability exists in the IOMap64.sys driver of ASUS AI Suite 3. The vulnerability can be triggered…
CVE-2025-8442
2025-08-01
HIGH
7.3
A vulnerability has been found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this vulnerability is…
CVE-2025-8441
2025-08-01
HIGH
7.3
A vulnerability, which was classified as critical, was found in code-projects Online Medicine Guide 1.0. Affected is an unknown function…
CVE-2025-8439
2025-08-01
HIGH
7.3
A vulnerability, which was classified as critical, has been found in code-projects Wazifa System 1.0. This issue affects some unknown…
CVE-2025-8438
2025-08-01
HIGH
7.3
A vulnerability classified as critical was found in code-projects Wazifa System 1.0. This vulnerability affects unknown code of the file…
CVE-2025-8437
2025-08-01
HIGH
7.3
A vulnerability classified as critical has been found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the…
CVE-2025-7646
2025-08-01
MEDIUM
6.4
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable…
CVE-2025-8436
2025-08-01
HIGH
7.3
A vulnerability was found in projectworlds Online Admission System 1.0. It has been rated as critical. Affected by this issue…
CVE-2025-54939
2025-08-01
MEDIUM
5.3
LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak.
CVE-2025-31716
2025-08-01
MEDIUM
5.1
In bootloader, there is a possible out of bounds write due to a missing bounds check. This could lead to…
CVE-2025-8435
2025-08-01
HIGH
7.3
A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been declared as critical. Affected by this vulnerability…
CVE-2025-7845
2025-08-01
MEDIUM
6.4
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Advanced Google Maps…
CVE-2025-7725
2025-08-01
HIGH
7.2
The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share…
CVE-2025-7443
2025-08-01
HIGH
8.1
The BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for…
CVE-2025-4523
2025-08-01
MEDIUM
6.5
The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to unauthorized access of data…
CVE-2025-8434
2025-08-01
HIGH
7.3
A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been classified as critical. Affected is an unknown…
CVE-2025-8433
2025-08-01
MEDIUM
5.4
A vulnerability was found in code-projects Document Management System 1.0 and classified as critical. This issue affects the function unlink…
CVE-2025-5947
2025-08-01
CRITICAL
9.8
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via authentication bypass in all versions up to,…
CVE-2025-54847
2025-08-01
N/A
0.0
Rejected reason: Not used
CVE-2025-54846
2025-08-01
N/A
0.0
Rejected reason: Not used
CVE-2025-54845
2025-08-01
N/A
0.0
Rejected reason: Not used
CVE-2025-54844
2025-08-01
N/A
0.0
Rejected reason: Not used
CVE-2025-54843
2025-08-01
N/A
0.0
Rejected reason: Not used
CVE-2025-54842
2025-08-01
N/A
0.0
Rejected reason: Not used
CVE-2025-54841
2025-08-01
N/A
0.0
Rejected reason: Not used
CVE-2025-54840
2025-08-01
N/A
0.0
Rejected reason: Not used
CVE-2025-54839
2025-08-01
N/A
0.0
Rejected reason: Not used
CVE-2025-54657
2025-08-01
N/A
0.0
Rejected reason: Not used
CVE-2025-53399
2025-08-01
N/A
0.0
In Sipwise rtpengine before 13.4.1.1, an origin-validation error in the endpoint-learning logic of the media-relay core allows remote attackers to…
CVE-2019-19145
2025-08-01
MEDIUM
5.8
Quantum SuperLoader 3 V94.0 005E.0h devices allow attackers to access the hardcoded fa account because there are only 65536 possible…
CVE-2025-5954
2025-08-01
CRITICAL
9.8
The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up…
CVE-2025-8431
2025-08-01
HIGH
7.3
A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code…
CVE-2023-32251
2025-07-31
LOW
3.7
A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent…
CVE-2025-48073
2025-07-31
N/A
0.0
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture…
CVE-2025-48072
2025-07-31
N/A
0.0
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture…
CVE-2025-50866
2025-07-31
MEDIUM
6.1
CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of the postquerypublic endpoint. Improper sanitization allows…
CVE-2025-48071
2025-07-31
N/A
0.0
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture…
CVE-2025-45768
2025-07-31
HIGH
7.0
pyjwt v2.10.1 was discovered to contain weak encryption.
CVE-2025-23289
2025-07-31
MEDIUM
5.5
NVIDIA Omniverse Launcher for Windows and Linux contains a vulnerability in the launcher logs, where a user could cause sensitive…
CVE-2025-45770
2025-07-31
HIGH
7.0
jwt v5.4.3 was discovered to contain weak encryption.
CVE-2025-45769
2025-07-31
HIGH
7.3
php-jwt v6.11.0 was discovered to contain weak encryption.
CVE-2025-8286
2025-07-31
CRITICAL
9.8
Güralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware…
CVE-2025-50867
2025-07-31
MEDIUM
6.5
A SQL Injection vulnerability exists in the takeassessment2.php endpoint of the CloudClassroom-PHP-Project 1.0, where the Q5 POST parameter is directly…
CVE-2025-50850
2025-07-31
HIGH
8.6
An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential security controls such as CAPTCHA…
CVE-2025-51569
2025-07-31
MEDIUM
6.1
A cross-site scripting (XSS) vulnerability exists in the LB-Link BL-CPE300M 01.01.02P42U14_06 router's web interface. The /goform/goform_get_cmd_process endpoint fails to sanitize…
CVE-2025-50572
2025-07-31
HIGH
8.8
An issue was discovered in Archer Technology RSA Archer 6.11.00204.10014 allowing attackers to execute arbitrary code via crafted system inputs…
CVE-2025-50848
2025-07-31
MEDIUM
6.1
A file upload vulnerability was discovered in CS Cart 4.18.3, allows attackers to execute arbitrary code. CS Cart 4.18.3 allows…
CVE-2025-50847
2025-07-31
MEDIUM
6.5
Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a user's comparison list…
CVE-2025-50270
2025-07-31
MEDIUM
6.1
A stored Cross Site Scripting (xss) vulnerability in the "content management" feature in AnQiCMS v.3.4.11 allows a remote attacker to…
« Anterior
Página 38 de 3394
Siguiente »
Page load link
Go to Top
