Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2024-52026
2024-11-05
MEDIUM
5.7
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via the pppoe_localip parameter…
CVE-2025-31490
2025-04-14
HIGH
7.5
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows.…
CVE-2025-3585
2025-04-14
MEDIUM
6.3
A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file…
CVE-2024-51010
2024-11-05
HIGH
8.0
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command injection vulnerability in…
CVE-2025-3565
2025-04-14
MEDIUM
4.7
A vulnerability classified as critical was found in huanfenz/code-projects StudentManager 1.0. This vulnerability affects unknown code of the file /upload/uploadArticle.do…
CVE-2024-21011
2024-04-16
LOW
3.7
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component:…
CVE-2025-3608
2025-04-15
MEDIUM
6.5
A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable…
CVE-2025-20955
2025-05-07
MEDIUM
5.5
Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification…
CVE-2025-20957
2025-05-07
HIGH
7.3
Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch arbitrary activities with SmartManagerCN…
CVE-2025-20958
2025-05-07
MEDIUM
4.4
Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate…
CVE-2025-20959
2025-05-07
MEDIUM
5.1
Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers…
CVE-2025-20960
2025-05-07
MEDIUM
4.0
Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged…
CVE-2025-20961
2025-05-07
MEDIUM
5.5
Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025 Release 1 allows local privileged attackers…
CVE-2025-20962
2025-05-07
MEDIUM
4.0
Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the…
CVE-2025-20963
2025-05-07
MEDIUM
6.6
Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.
CVE-2025-20964
2025-05-07
MEDIUM
6.6
Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds…
CVE-2025-44848
2025-05-01
MEDIUM
6.5
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the msg_process function via the Url parameter. This…
CVE-2025-44860
2025-05-01
MEDIUM
6.5
TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the msg_process function via the Port parameter. This…
CVE-2025-44861
2025-05-01
MEDIUM
6.3
TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This…
CVE-2025-44862
2025-05-01
MEDIUM
6.3
TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the recvUpgradeNewFw function via the fwUrl parameter. This…
CVE-2025-44863
2025-05-01
MEDIUM
6.5
TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the msg_process function via the Url parameter. This…
CVE-2024-21094
2024-04-16
LOW
3.7
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component:…
CVE-2024-21012
2024-04-16
LOW
3.7
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component:…
CVE-2024-21085
2024-04-16
LOW
3.7
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that…
CVE-2025-30723
2025-04-15
MEDIUM
5.4
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Supported versions that are affected are 7.6.0.0.0…
CVE-2025-26998
2025-04-15
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks – Gutenberg based Page Builder…
CVE-2024-21007
2024-04-16
HIGH
7.5
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0…
CVE-2024-21117
2024-04-16
MEDIUM
5.3
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are…
CVE-2024-21120
2024-04-16
MEDIUM
5.3
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are…
CVE-2024-21067
2024-04-16
HIGH
8.8
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Host Management). The supported version that…
CVE-2025-4864
2025-05-18
HIGH
7.3
A vulnerability has been found in itsourcecode Restaurant Management System 1.0 and classified as critical. This vulnerability affects unknown code…
CVE-2025-4865
2025-05-18
HIGH
7.3
A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. This issue affects some unknown processing…
CVE-2025-27920
2025-05-05
HIGH
7.2
Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper file path handling. By using ../ sequences…
CVE-2025-4870
2025-05-18
HIGH
7.3
A vulnerability classified as critical was found in itsourcecode Restaurant Management System 1.0. This vulnerability affects unknown code of the…
CVE-2025-4875
2025-05-18
HIGH
7.3
A vulnerability was found in Campcodes Online Shopping Portal 1.0. It has been declared as critical. This vulnerability affects unknown…
CVE-2025-4881
2025-05-18
HIGH
7.3
A vulnerability was found in itsourcecode Restaurant Management System 1.0 and classified as critical. Affected by this issue is some…
CVE-2025-4882
2025-05-18
HIGH
7.3
A vulnerability was found in itsourcecode Restaurant Management System 1.0. It has been classified as critical. This affects an unknown…
CVE-2025-4883
2025-05-18
HIGH
7.2
A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been declared as critical. This vulnerability affects the function ctxz_asp…
CVE-2025-4890
2025-05-18
MEDIUM
5.3
A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser…
CVE-2025-4895
2025-05-18
HIGH
7.3
A vulnerability, which was classified as critical, has been found in SourceCodester Doctors Appointment System 1.0. This issue affects some…
CVE-2025-4898
2025-05-18
MEDIUM
5.4
A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as critical. This vulnerability affects…
CVE-2025-4899
2025-05-18
HIGH
7.3
A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been rated as critical. This issue affects…
CVE-2025-4900
2025-05-18
HIGH
7.3
A vulnerability classified as critical has been found in Campcodes Sales and Inventory System 1.0. Affected is an unknown function…
CVE-2025-27910
2025-03-10
HIGH
8.0
tianti v2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /user/ajax/upd/status. This vulnerability allows attackers to…
CVE-2024-13853
2025-03-11
MEDIUM
6.1
The SEO Tools WordPress plugin through 4.0.7 does not sanitise and escape a parameter before outputting it back in the…
CVE-2024-13862
2025-03-11
HIGH
7.1
The S3Bubble Media Streaming (AWS|Elementor|YouTube|Vimeo Functionality) WordPress plugin through 8.0 does not sanitise and escape a parameter before outputting it…
CVE-2025-0629
2025-03-11
MEDIUM
4.8
The Coronavirus (COVID-19) Notice Message WordPress plugin through 1.1.2 does not sanitise and escape some of its settings, which could…
CVE-2021-37787
2025-03-11
MEDIUM
6.5
The unprivileged administrative interface in ABO.CMS version 5.8 through v.5.9.3 is affected by a SQL Injection vulnerability via a HTTP…
CVE-2025-25925
2025-03-11
MEDIUM
4.8
A stored cross-scripting (XSS) vulnerability in Openmrs v2.4.3 Build 0ff0ed allows attackers to execute arbitrary web scripts or HTML via…
CVE-2022-41571
2022-09-27
CRITICAL
9.8
An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Local file inclusion can occur.
« Anterior
Página 399 de 3521
Siguiente »
Page load link
Go to Top
