CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
CVE ID
Published
Severity
CVSS
Description
CVE-2024-13952
2025-05-22
HIGH
8.4
Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential attacker if administrator credentials become compromised. This issue affects…
CVE-2024-13951
2025-05-22
HIGH
7.6
One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attacker. This issue affects ASPECT-Enterprise:…
CVE-2024-13950
2025-05-22
MEDIUM
6.8
Log injection vulnerabilities in ASPECT provide attacker access to inject malicious browser scripts if administrator credentials become compromised. This issue affects…
CVE-2024-13949
2025-05-22
MEDIUM
6.8
Large content vulnerabilities are present in ASPECT exposing a device to disk overutilization on a system if administrator credentials become…
CVE-2024-13948
2025-05-22
HIGH
7.3
Windows permissions for ASPECT configuration toolsets are not fully secured allowing exposure of configuration information. This issue affects ASPECT-Enterprise: through 3.*;…
CVE-2024-13947
2025-05-22
MEDIUM
6.0
Device commissioning parameters in ASPECT may be modified by an external source if administrative credentials become compromised. This issue affects ASPECT-Enterprise:…
CVE-2024-13946
2025-05-22
MEDIUM
6.8
DLLs are not digitally signed when loaded in ASPECT's configuration toolset exposing the application to binary planting during device commissioning. This…
CVE-2025-4827
2025-05-17
HIGH
8.8
A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected is an unknown…
CVE-2025-4829
2025-05-17
HIGH
8.8
A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this vulnerability is the…
CVE-2025-4830
2025-05-17
HIGH
8.8
A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. Affected by this…
CVE-2025-4831
2025-05-17
HIGH
8.8
A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown…
CVE-2025-4832
2025-05-17
HIGH
8.8
A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability affects unknown…
CVE-2025-4833
2025-05-17
HIGH
8.8
A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This issue affects some unknown…
CVE-2025-4834
2025-05-17
HIGH
8.8
A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been classified as critical. Affected is an…
CVE-2025-4835
2025-05-17
HIGH
8.8
A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been declared as critical. Affected by this…
CVE-2025-4826
2025-05-17
HIGH
8.8
A vulnerability, which was classified as critical, has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This issue affects…
CVE-2025-4825
2025-05-17
HIGH
8.8
A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of…
CVE-2025-4824
2025-05-17
HIGH
8.8
A vulnerability classified as critical has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part…
CVE-2025-4823
2025-05-17
HIGH
8.8
A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. It has been rated as critical. Affected by this…
CVE-2024-25502
2024-02-15
CRITICAL
9.8
Directory Traversal vulnerability in flusity CMS v.2.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via…
CVE-2024-25166
2024-02-27
MEDIUM
6.1
Cross Site Scripting vulnerability in 71CMS v.1.0.0 allows a remote attacker to execute arbitrary code via the uploadfile action parameter…
CVE-2023-41506
2024-02-27
CRITICAL
9.8
An arbitrary file upload vulnerability in the Update/Edit Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers…
CVE-2024-25400
2024-02-27
CRITICAL
9.8
Subrion CMS 4.2.1 is vulnerable to SQL Injection via ia.core.mysqli.php. NOTE: this is disputed by multiple third parties because it…
CVE-2024-27508
2024-02-27
HIGH
7.5
Atheme 7.2.12 contains a memory leak vulnerability in /atheme/src/crypto-benchmark/main.c.
CVE-2024-25840
2024-02-27
HIGH
7.5
In the module "Account Manager | Sales Representative & Dealers | CRM" (prestasalesmanager) up to 9.0 from Presta World for…
CVE-2024-25841
2024-02-27
MEDIUM
5.9
In the module "So Flexibilite" (soflexibilite) from Common-Services for PrestaShop < 4.1.26, a guest (authenticated customer) can perform Cross Site…
CVE-2024-26458
2024-02-29
MEDIUM
5.3
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.
CVE-2024-53354
2025-01-31
MEDIUM
6.5
Multiple SQL injection vulnerabilities in EasyVirt DCScope
CVE-2023-51773
2024-02-29
CRITICAL
9.1
BACnet Stack before 1.3.2 has a decode function APDU buffer over-read in bacapp_decode_application_data in bacapp.c.
CVE-2024-53355
2025-01-31
HIGH
8.8
Multiple incorrect access control issues in EasyVirt DCScope
CVE-2024-53356
2025-01-31
CRITICAL
9.8
Weak JWT Secret vulnerability in EasyVirt DCScope
CVE-2024-26461
2024-02-29
HIGH
7.5
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.
CVE-2025-0804
2025-01-29
MEDIUM
6.4
The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is…
CVE-2024-48761
2025-01-29
HIGH
8.8
Reflected XSS vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary JavaScript code via the…
CVE-2024-51182
2025-01-29
MEDIUM
6.1
HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the…
CVE-2024-54851
2025-01-29
HIGH
8.8
Teedy
CVE-2022-35096
2022-09-23
MEDIUM
5.5
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c.
CVE-2022-35095
2022-09-23
MEDIUM
5.5
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3D1 at /pdf/InfoOutputDev.cc.
CVE-2022-35094
2022-09-23
MEDIUM
5.5
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc.
CVE-2022-35093
2022-09-23
MEDIUM
5.5
SWFTools commit 772e55a2 was discovered to contain a global buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc.
CVE-2024-25844
2024-03-03
HIGH
7.5
An issue was discovered in Common-Services "So Flexibilite" (soflexibilite) module for PrestaShop before version 4.1.26, allows remote attackers to escalate…
CVE-2024-57665
2025-01-29
CRITICAL
9.8
JFinalCMS 1.0 is vulnerable to SQL Injection in rc/main/java/com/cms/entity/Content.java. The cause of the vulnerability is that the title parameter is…
CVE-2024-55415
2025-01-30
MEDIUM
5.7
DevDojo Voyager through 1.8.0 is vulnerable to path traversal at the /admin/compass.
CVE-2025-0792
2025-01-29
MEDIUM
6.3
A vulnerability, which was classified as critical, was found in ESAFENET CDG V5. Affected is an unknown function of the…
CVE-2024-25858
2024-03-05
HIGH
8.4
In Foxit PDF Reader before 2024.1 and PDF Editor before 2024.1, code execution via JavaScript could occur because of an…
CVE-2024-24278
2024-03-05
HIGH
7.5
An issue in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a…
CVE-2024-21805
2024-03-12
HIGH
7.8
Improper access control vulnerability exists in the specific folder of SKYSEA Client View versions from Ver.16.100 prior to Ver.19.2. If…
CVE-2024-24964
2024-03-12
MEDIUM
6.3
Improper access control vulnerability exists in the resident process of SKYSEA Client View versions from Ver.11.220 prior to Ver.19.2. If…
CVE-2024-2020
2024-03-13
HIGH
7.2
The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form page href parameter in…
CVE-2024-28662
2024-03-13
MEDIUM
5.4
A Cross Site Scripting vulnerability exists in Piwigo before 14.3.0 script because of missing sanitization in create_tag in admin/include/functions.php.