CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
| --- | --- | --- | --- | --- |
| CVE-2025-0791 | 2025-01-29 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, has been found in ESAFENET CDG V5. This issue affects some unknown processing… |
| CVE-2024-25934 | 2024-03-15 | MEDIUM | 6.5 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormFacade allows Stored XSS. This issue affects FormFacade: from… |
| CVE-2024-24539 | 2024-03-18 | MEDIUM | 5.3 | FusionPBX before 5.2.0 does not validate a session. |
| CVE-2024-23721 | 2024-03-20 | HIGH | 7.5 | A Directory Traversal issue was discovered in process_post on Draytek Vigor3910 4.3.2.5 devices. When sending a certain POST request, it… |
| CVE-2025-0790 | 2025-01-29 | LOW | 3.5 | A vulnerability classified as problematic was found in ESAFENET CDG V5. This vulnerability affects unknown code of the file /doneDetail.jsp.… |
| CVE-2025-0789 | 2025-01-28 | MEDIUM | 6.3 | A vulnerability classified as critical has been found in ESAFENET CDG V5. This affects an unknown part of the file… |
| CVE-2025-40775 | 2025-05-21 | HIGH | 7.5 | When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an… |
| CVE-2025-31672 | 2025-04-09 | MEDIUM | 5.3 | Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and… |
| CVE-2025-1861 | 2025-03-30 | N/A | 0.0 | In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing… |
| CVE-2025-1736 | 2025-03-30 | N/A | 0.0 | In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied… |
| CVE-2025-1734 | 2025-03-30 | N/A | 0.0 | In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving… |
| CVE-2025-1219 | 2025-03-30 | MEDIUM | 5.3 | In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting… |
| CVE-2025-1217 | 2025-03-29 | LOW | 3.1 | In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http… |
| CVE-2024-50083 | 2024-10-29 | HIGH | 7.5 | In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit… |
| CVE-2025-4786 | 2025-05-16 | MEDIUM | 6.3 | A vulnerability was found in SourceCodester/oretnom23 Stock Management System 1.0. It has been rated as critical. This issue affects some… |
| CVE-2025-4787 | 2025-05-16 | MEDIUM | 6.3 | A vulnerability classified as critical has been found in SourceCodester/oretnom23 Stock Management System 1.0. Affected is an unknown function of… |
| CVE-2024-44914 | 2024-08-28 | MEDIUM | 5.5 | An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR… |
| CVE-2024-44915 | 2024-08-28 | MEDIUM | 5.5 | An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR… |
| CVE-2024-44913 | 2024-08-28 | MEDIUM | 5.5 | An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR… |
| CVE-2021-36340 | 2021-11-20 | HIGH | 7.8 | Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information disclosure vulnerability. A local malicious user may exploit this vulnerability… |
| CVE-2025-4788 | 2025-05-16 | HIGH | 7.3 | A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality… |
| CVE-2025-4789 | 2025-05-16 | HIGH | 7.3 | A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is… |
| CVE-2025-4790 | 2025-05-16 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of… |
| CVE-2025-4791 | 2025-05-16 | HIGH | 7.3 | A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of… |
| CVE-2025-0825 | 2025-02-04 | N/A | 0.0 | cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters ("\r\n") when those are prefixed with a null byte. This… |
| CVE-2025-4782 | 2025-05-16 | MEDIUM | 6.3 | A vulnerability has been found in SourceCodester/oretnom23 Stock Management System 1.0 and classified as critical. This vulnerability affects unknown code… |
| CVE-2025-47688 | 2025-05-07 | MEDIUM | 5.3 | Missing Authorization vulnerability in Saad Iqbal Advanced File Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects… |
| CVE-2025-4462 | 2025-05-09 | HIGH | 8.8 | A vulnerability, which was classified as critical, has been found in TOTOLINK N150RT 3.4.0-B20190525. This issue affects some unknown processing… |
| CVE-2025-4461 | 2025-05-09 | LOW | 2.4 | A vulnerability classified as problematic was found in TOTOLINK N150RT 3.4.0-B20190525. This vulnerability affects unknown code of the component Virtual… |
| CVE-2025-4460 | 2025-05-09 | LOW | 2.4 | A vulnerability classified as problematic has been found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the component… |
| CVE-2025-47612 | 2025-05-07 | MEDIUM | 5.4 | Missing Authorization vulnerability in flowdee ClickWhale allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ClickWhale: from n/a… |
| CVE-2024-51547 | 2025-02-06 | CRITICAL | 9.8 | Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB MATRIX Series. This issue affects ASPECT-Enterprise: through 3.*; NEXUS… |
| CVE-2025-4008 | 2025-05-21 | N/A | 0.0 | The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a… |
| CVE-2025-4949 | 2025-05-21 | N/A | 0.0 | In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used… |
| CVE-2025-4478 | 2025-05-16 | HIGH | 7.1 | A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger… |
| CVE-2023-48795 | 2023-12-18 | MEDIUM | 5.9 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to… |
| CVE-2024-36761 | 2024-06-12 | CRITICAL | 9.8 | naga v0.14.0 was discovered to contain a stack overflow via the component /wgsl/parse/mod.rs. |
| CVE-2025-4642 | 2025-05-22 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| CVE-2025-4562 | 2025-05-22 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| CVE-2022-40864 | 2022-09-23 | CRITICAL | 9.8 | Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet |
| CVE-2022-40862 | 2022-09-23 | CRITICAL | 9.8 | Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting |
| CVE-2022-40860 | 2022-09-23 | CRITICAL | 9.8 | Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList |
| CVE-2022-40853 | 2022-09-23 | CRITICAL | 9.8 | Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set |
| CVE-2022-40093 | 2022-09-23 | HIGH | 7.2 | Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at… |
| CVE-2022-40092 | 2022-09-23 | HIGH | 7.2 | Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at… |
| CVE-2022-40091 | 2022-09-23 | HIGH | 7.2 | Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at… |
| CVE-2022-35257 | 2022-09-23 | HIGH | 7.8 | A local privilege escalation vulnerability in UI Desktop for Windows (Version 0.55.1.2 and earlier) allows a malicious actor with local… |
| CVE-2022-35097 | 2022-09-23 | MEDIUM | 5.5 | SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeTTF at /xpdf/FoFiTrueType.cc. |
| CVE-2022-33681 | 2022-09-23 | MEDIUM | 5.9 | Delayed TLS hostname verification in the Pulsar Java Client and the Pulsar Proxy make each client vulnerable to a man… |
| CVE-2022-30121 | 2022-09-23 | MEDIUM | 6.7 | The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed… |