CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2025-37948 | 2025-05-20 | N/A | 0.0 | In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF… |
| CVE-2025-37947 | 2025-05-20 | N/A | 0.0 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent out-of-bounds stream writes by validating *pos ksmbd_vfs_stream_write() did… |
| CVE-2025-37946 | 2025-05-20 | N/A | 0.0 | In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child… |
| CVE-2025-37945 | 2025-05-20 | N/A | 0.0 | In the Linux kernel, the following vulnerability has been resolved: net: phy: allow MDIO bus PM ops to start/stop state… |
| CVE-2025-37944 | 2025-05-20 | N/A | 0.0 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process Currently, ath12k_dp_mon_srng_process… |
| CVE-2025-37943 | 2025-05-20 | N/A | 0.0 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi In certain… |
| CVE-2025-37942 | 2025-05-20 | N/A | 0.0 | In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Make sure to fetch pool before checking SIMULTANEOUS_MAX… |
| CVE-2025-37941 | 2025-05-20 | N/A | 0.0 | In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: fix a potential memory leak in wcd937x_soc_codec_probe()… |
| CVE-2024-52013 | 2024-11-05 | MEDIUM | 5.7 | Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the… |
| CVE-2024-52014 | 2024-11-05 | MEDIUM | 5.7 | Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the… |
| CVE-2024-52015 | 2024-11-05 | MEDIUM | 5.7 | Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the… |
| CVE-2024-52016 | 2024-11-05 | MEDIUM | 5.7 | Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to multiple stack overflow vulnerabilities in the… |
| CVE-2024-52022 | 2024-11-05 | HIGH | 8.0 | Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in… |
| CVE-2024-51011 | 2024-11-05 | MEDIUM | 5.7 | Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter… |
| CVE-2025-2240 | 2025-03-12 | HIGH | 7.5 | A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered… |
| CVE-2022-3197 | 2022-09-26 | HIGH | 8.8 | Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption… |
| CVE-2022-3103 | 2022-09-26 | HIGH | 7.8 | off-by-one in io_uring module. |
| CVE-2022-3135 | 2022-09-26 | MEDIUM | 4.8 | The SEO Smart Links WordPress plugin through 3.0.1 does not sanitise and escape some of its settings, which could allow… |
| CVE-2022-3119 | 2022-09-26 | HIGH | 7.5 | The OAuth client Single Sign On WordPress plugin before 3.0.4 does not have authorisation and CSRF when updating its settings,… |
| CVE-2022-2903 | 2022-09-26 | HIGH | 7.2 | The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to… |
| CVE-2022-2861 | 2022-09-26 | MEDIUM | 6.5 | Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install… |
| CVE-2022-2860 | 2022-09-26 | MEDIUM | 6.5 | Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions… |
| CVE-2022-2859 | 2022-09-26 | HIGH | 8.8 | Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a… |
| CVE-2022-2858 | 2022-09-26 | HIGH | 8.8 | Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap… |
| CVE-2022-2405 | 2022-09-26 | MEDIUM | 4.3 | The WP Popup Builder WordPress plugin before 1.2.9 does not have authorisation and CSRF check in an AJAX action, allowing… |
| CVE-2022-2404 | 2022-09-26 | MEDIUM | 6.1 | The WP Popup Builder WordPress plugin before 1.2.9 does not sanitise and escape a parameter before outputting it back in… |
| CVE-2022-2352 | 2022-09-26 | HIGH | 7.2 | The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could… |
| CVE-2022-1755 | 2022-09-26 | MEDIUM | 5.4 | The SVG Support WordPress plugin before 2.5 does not properly handle SVG added via an URL, which could allow users… |
| CVE-2022-1613 | 2022-09-26 | MEDIUM | 5.3 | The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR,… |
| CVE-2021-24890 | 2022-09-26 | HIGH | 8.8 | The Scripts Organizer WordPress plugin before 3.0 does not have capability and CSRF checks in the saveScript AJAX action, available… |
| CVE-2024-51021 | 2024-11-05 | HIGH | 8.0 | Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a command injection vulnerability via the wan_gateway… |
| CVE-2024-52023 | 2024-11-05 | MEDIUM | 5.7 | Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter… |
| CVE-2024-52024 | 2024-11-05 | MEDIUM | 5.7 | Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter… |
| CVE-2024-52025 | 2024-11-05 | MEDIUM | 5.7 | Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter… |
| CVE-2024-52026 | 2024-11-05 | MEDIUM | 5.7 | Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter… |
| CVE-2025-31490 | 2025-04-14 | HIGH | 7.5 | AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows.… |
| CVE-2025-3585 | 2025-04-14 | MEDIUM | 6.3 | A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file… |
| CVE-2024-51010 | 2024-11-05 | HIGH | 8.0 | Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in… |
| CVE-2025-3565 | 2025-04-14 | MEDIUM | 4.7 | A vulnerability classified as critical was found in huanfenz/code-projects StudentManager 1.0. This vulnerability affects unknown code of the file /upload/uploadArticle.do… |
| CVE-2024-21011 | 2024-04-16 | LOW | 3.7 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component:… |
| CVE-2025-3608 | 2025-04-15 | MEDIUM | 6.5 | A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable… |
| CVE-2025-20955 | 2025-05-07 | MEDIUM | 5.5 | Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification… |
| CVE-2025-20957 | 2025-05-07 | HIGH | 7.3 | Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch arbitrary activities with SmartManagerCN… |
| CVE-2025-20958 | 2025-05-07 | MEDIUM | 4.4 | Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate… |
| CVE-2025-20959 | 2025-05-07 | MEDIUM | 5.1 | Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers… |
| CVE-2025-20960 | 2025-05-07 | MEDIUM | 4.0 | Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged… |
| CVE-2025-20961 | 2025-05-07 | MEDIUM | 5.5 | Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025 Release 1 allows local privileged attackers… |
| CVE-2025-20962 | 2025-05-07 | MEDIUM | 4.0 | Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the… |
| CVE-2025-20963 | 2025-05-07 | MEDIUM | 6.6 | Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. |
| CVE-2025-20964 | 2025-05-07 | MEDIUM | 6.6 | Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds… |
Page 398 of 3521