CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2022-33683 | 2022-09-23 | MEDIUM | 5.9 | Apache Pulsar Brokers and Proxies create an internal Pulsar Admin Client that does not verify peer TLS certificates, even when… |
| CVE-2022-32820 | 2022-09-23 | HIGH | 7.8 | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6,… |
| CVE-2022-32818 | 2022-09-23 | MEDIUM | 5.5 | The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5. An app may be… |
| CVE-2022-32228 | 2022-09-23 | MEDIUM | 4.3 | An information disclosure vulnerability exists in Rocket.Chat |
| CVE-2022-32227 | 2022-09-23 | MEDIUM | 6.5 | A cleartext transmission of sensitive information exists in Rocket.Chat |
| CVE-2022-32226 | 2022-09-23 | MEDIUM | 4.3 | An improper access control vulnerability exists in Rocket.Chat |
| CVE-2022-32218 | 2022-09-23 | MEDIUM | 4.3 | An information disclosure vulnerability exists in Rocket.Chat |
| CVE-2022-32217 | 2022-09-23 | MEDIUM | 5.3 | A cleartext storage of sensitive information exists in Rocket.Chat |
| CVE-2022-31679 | 2022-09-21 | LOW | 3.7 | Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 - 3.5.5, 3.7.0 -… |
| CVE-2022-30577 | 2022-09-21 | HIGH | 8.0 | The Web Server component of TIBCO Software Inc.'s TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged… |
| CVE-2022-2413 | 2024-01-16 | MEDIUM | 5.4 | The Slide Anything WordPress plugin before 2.3.47 does not properly sanitize or escape the slide title before outputting it in… |
| CVE-2022-30124 | 2022-09-23 | MEDIUM | 6.8 | An improper authentication vulnerability exists in Rocket.Chat Mobile App |
| CVE-2022-28886 | 2022-09-23 | MEDIUM | 4.3 | A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.so/aerdl.dll may go into an infinite loop when… |
| CVE-2022-26700 | 2022-09-23 | HIGH | 8.8 | A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS… |
| CVE-2022-23144 | 2022-09-23 | CRITICAL | 9.1 | There is a broken access control vulnerability in ZTE ZXvSTB product. Due to improper permission control, attackers could use this… |
| CVE-2022-27492 | 2022-09-23 | HIGH | 7.8 | An integer underflow in WhatsApp could have caused remote code execution when receiving a crafted video file. |
| CVE-2022-23952 | 2022-09-21 | HIGH | 7.5 | In Keylime before 6.3.0, current keylime installer installs the keylime.conf file, which can contain sensitive data, as world-readable. |
| CVE-2022-22624 | 2022-09-23 | HIGH | 8.8 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS… |
| CVE-2022-22610 | 2022-09-23 | HIGH | 8.8 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.3, Safari 15.4,… |
| CVE-2022-20019 | 2022-01-04 | MEDIUM | 5.5 | In libMtkOmxGsmDec, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information… |
| CVE-2021-3782 | 2022-09-23 | MEDIUM | 6.6 | An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the… |
| CVE-2021-45116 | 2022-01-05 | HIGH | 7.5 | An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the… |
| CVE-2022-20014 | 2022-01-04 | MEDIUM | 6.7 | In vow driver, there is a possible memory corruption due to improper input validation. This could lead to local escalation… |
| CVE-2021-39990 | 2022-01-03 | CRITICAL | 9.8 | The screen lock module has a Stack-based Buffer Overflow vulnerability. Successful exploitation of this vulnerability may affect user experience. |
| CVE-2021-39989 | 2022-01-03 | HIGH | 7.5 | The HwNearbyMain module has an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Successful exploitation of this vulnerability may cause… |
| CVE-2021-39988 | 2022-01-03 | HIGH | 7.5 | The HwNearbyMain module has a NULL Pointer Dereference vulnerability. Successful exploitation of this vulnerability may cause a process to restart. |
| CVE-2021-39987 | 2022-01-03 | HIGH | 7.5 | The HwNearbyMain module has a Data Processing Errors vulnerability. Successful exploitation of this vulnerability may cause a process to restart. |
| CVE-2021-39985 | 2022-01-03 | HIGH | 7.5 | The HwNearbyMain module has an Improper Validation of Array Index vulnerability. Successful exploitation of this vulnerability may cause a process to… |
| CVE-2021-39984 | 2022-01-03 | HIGH | 7.5 | Huawei idap module has an Out-of-bounds Read vulnerability. Successful exploitation of this vulnerability may cause Denial of Service. |
| CVE-2021-39983 | 2022-01-03 | HIGH | 7.5 | The HwNearbyMain module has a Data Processing Errors vulnerability. Successful exploitation of this vulnerability may cause a process to restart. |
| CVE-2021-37198 | 2022-01-11 | HIGH | 8.8 | A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions… |
| CVE-2021-39977 | 2022-01-03 | HIGH | 7.5 | The HwNearbyMain module has a NULL Pointer Dereference vulnerability. Successful exploitation of this vulnerability may cause a process to restart. |
| CVE-2021-39967 | 2022-01-03 | HIGH | 7.5 | There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast permission settings in Smartphones. Successful exploitation of this… |
| CVE-2021-37133 | 2022-01-03 | HIGH | 7.5 | There is an Unauthorized file access vulnerability in Smartphones. Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2021-28715 | 2022-01-06 | MEDIUM | 6.5 | Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple… |
| CVE-2021-36739 | 2022-01-06 | MEDIUM | 6.1 | The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to… |
| CVE-2021-25022 | 2022-01-03 | MEDIUM | 6.1 | The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.66 does not sanitise and escape the backup_timestamp and job_id parameter before… |
| CVE-2021-24964 | 2022-01-03 | MEDIUM | 6.1 | The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing attackers… |
| CVE-2021-24042 | 2022-01-04 | CRITICAL | 9.8 | The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS… |
| CVE-2021-24786 | 2022-01-03 | HIGH | 7.2 | The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it… |
| CVE-2021-1918 | 2022-01-03 | MEDIUM | 6.5 | Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT,… |
| CVE-2024-12732 | 2025-05-15 | MEDIUM | 6.1 | The AffiliateImporterEb WordPress plugin through 1.0.6 does not sanitise and escape a parameter before outputting it back in the page,… |
| CVE-2024-12733 | 2025-05-15 | MEDIUM | 6.1 | The AffiliateImporterEb WordPress plugin through 1.0.6 does not sanitise and escape a parameter before outputting it back in the page,… |
| CVE-2024-12734 | 2025-05-15 | MEDIUM | 6.1 | The Advance Post Prefix WordPress plugin through 1.1.1, Advance Post Prefix WordPress plugin through 1.1.1 does not sanitise and escape… |
| CVE-2024-12735 | 2025-05-15 | HIGH | 7.2 | The Advance Post Prefix WordPress plugin through 1.1.1 does not sanitize and escape a parameter before using it in a… |
| CVE-2024-13127 | 2025-05-15 | MEDIUM | 4.8 | The LearnPress WordPress plugin before 4.2.7.5.1 does not sanitise and escape some of its settings, which could allow high privilege… |
| CVE-2025-46188 | 2025-05-09 | CRITICAL | 9.8 | SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in superadmin_phpmyadmin.php. |
| CVE-2025-46189 | 2025-05-09 | CRITICAL | 9.8 | SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_order_customer_update.php via the order_id POST parameter. |
| CVE-2024-13128 | 2025-05-15 | MEDIUM | 4.8 | The LearnPress WordPress plugin before 4.2.7.5.1 does not sanitise and escape some of its settings, which could allow high privilege… |
| CVE-2025-46191 | 2025-05-09 | CRITICAL | 9.8 | Arbitrary File Upload in user_payment_update.php in SourceCodester Client Database Management System 1.0 allows unauthenticated users to upload arbitrary files via… |