Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-4933
2025-05-19
MEDIUM
6.3
A vulnerability, which was classified as critical, was found in ponaravindb Hospital-Management-System 1.0. This affects an unknown part of the…
CVE-2025-4930
2025-05-19
HIGH
7.3
A vulnerability classified as critical has been found in Campcodes Online Shopping Portal 1.0. Affected is an unknown function of…
CVE-2025-2099
2025-05-19
HIGH
7.5
A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils` module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial…
CVE-2025-4929
2025-05-19
HIGH
7.3
A vulnerability was found in Campcodes Online Shopping Portal 1.0. It has been rated as critical. This issue affects some…
CVE-2025-4928
2025-05-19
HIGH
7.3
A vulnerability was found in projectworlds Online Lawyer Management System 1.0. It has been declared as critical. This vulnerability affects…
CVE-2025-4924
2025-05-19
HIGH
7.3
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. Affected is an unknown…
CVE-2025-4912
2025-05-19
MEDIUM
5.4
A vulnerability has been found in SourceCodester Student Result Management System 1.0 and classified as critical. Affected by this vulnerability…
CVE-2025-4910
2025-05-19
HIGH
7.3
A vulnerability, which was classified as critical, has been found in PHPGurukul Zoo Management System 2.1. This issue affects some…
CVE-2025-22635
2025-02-23
HIGH
7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jyothis Joy Eventer allows Reflected XSS. This issue…
CVE-2025-4861
2025-05-18
HIGH
7.3
A vulnerability classified as critical was found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an…
CVE-2025-4862
2025-05-18
MEDIUM
4.3
A vulnerability, which was classified as problematic, has been found in PHPGurukul Directory Management System 2.0. Affected by this issue…
CVE-2025-4873
2025-05-18
HIGH
7.3
A vulnerability has been found in PHPGurukul News Portal 4.1 and classified as critical. Affected by this vulnerability is an…
CVE-2025-4874
2025-05-18
HIGH
7.3
A vulnerability was found in PHPGurukul News Portal Project 4.1 and classified as critical. Affected by this issue is some…
CVE-2025-4880
2025-05-18
HIGH
7.3
A vulnerability has been found in PHPGurukul News Portal 4.1 and classified as critical. Affected by this vulnerability is an…
CVE-2025-4906
2025-05-19
HIGH
7.3
A vulnerability was found in PHPGurukul Notice Board System 1.0. It has been classified as critical. Affected is an unknown…
CVE-2025-4907
2025-05-19
HIGH
7.3
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this…
CVE-2025-1612
2025-02-24
LOW
3.5
A vulnerability was found in Edimax BR-6288ACL 1.30. It has been declared as problematic. This vulnerability affects unknown code of…
CVE-2025-4908
2025-05-19
HIGH
7.3
A vulnerability classified as critical has been found in PHPGurukul Daily Expense Tracker System 1.1. This affects an unknown part…
CVE-2025-26884
2025-02-25
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul Greenshift allows Stored XSS. This issue affects…
CVE-2022-38553
2022-09-26
MEDIUM
6.1
Academy Learning Management System before v5.9.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter.
CVE-2022-2926
2022-09-26
MEDIUM
4.9
The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users…
CVE-2025-26963
2025-02-25
MEDIUM
5.4
Cross-Site Request Forgery (CSRF) vulnerability in flowdee ClickWhale allows Cross Site Request Forgery. This issue affects ClickWhale: from n/a through…
CVE-2025-26971
2025-02-25
HIGH
7.6
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ays-pro Poll Maker allows Blind SQL…
CVE-2025-26987
2025-02-25
HIGH
7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shabti Kaplan Frontend Admin by DynamiApps allows Reflected…
CVE-2025-0767
2025-02-27
CRITICAL
9.8
WP Activity Log 5.3.2 was found to be vulnerable. Unvalidated user input is used directly in an unserialize function in…
CVE-2025-22387
2025-01-04
HIGH
7.5
An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity issue exists in requests for resources where the…
CVE-2025-1363
2025-03-09
LOW
3.5
The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape…
CVE-2025-1362
2025-03-09
MEDIUM
4.3
The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not have CSRF checks…
CVE-2024-13668
2025-03-07
HIGH
7.1
The WordPress Activity O Meter WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back…
CVE-2025-1382
2025-03-09
MEDIUM
6.1
The Contact Us By Lord Linus WordPress plugin through 2.6 does not have CSRF check in some places, and is…
CVE-2025-2717
2025-03-25
MEDIUM
4.7
A vulnerability, which was classified as critical, has been found in D-Link DIR-823X 240126/240802. This issue affects the function sub_41710C…
CVE-2025-1103
2025-02-07
MEDIUM
6.5
A vulnerability, which was classified as problematic, was found in D-Link DIR-823X 240126/240802. This affects the function set_wifi_blacklists of the…
CVE-2024-11638
2025-03-10
HIGH
8.8
The Gtbabel WordPress plugin before 6.6.9 does not ensure that the URL to perform code analysis upon belongs to the…
CVE-2025-22968
2025-01-15
CRITICAL
9.8
An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using root account without…
CVE-2025-1876
2025-03-03
HIGH
7.3
A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Affected by this issue is the…
CVE-2025-1800
2025-03-01
MEDIUM
6.3
A vulnerability has been found in D-Link DAR-7000 3.2 and classified as critical. This vulnerability affects the function get_ip_addr_details of…
CVE-2025-24032
2025-02-10
N/A
0.0
PAM-PKCS#11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if cert_policy…
CVE-2022-41570
2022-09-27
CRITICAL
9.8
An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Unauthenticated SQL injection can occur.
CVE-2022-40044
2022-09-26
MEDIUM
5.4
Centreon v20.10.18 was discovered to contain a cross-site scripting (XSS) vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations. This…
CVE-2022-40043
2022-09-26
HIGH
8.8
Centreon v20.10.18 was discovered to contain a SQL injection vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations.
CVE-2022-3303
2022-09-27
MEDIUM
4.7
A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to…
CVE-2022-3272
2022-09-26
HIGH
7.5
Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3071
2022-09-26
HIGH
8.8
Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker…
CVE-2022-3058
2022-09-26
HIGH
8.8
Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user…
CVE-2022-3057
2022-09-26
MEDIUM
6.5
Inappropriate implementation in iframe Sandbox in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to leak cross-origin data via…
CVE-2022-3056
2022-09-26
MEDIUM
6.5
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to bypass content…
CVE-2022-3051
2022-09-26
HIGH
8.8
Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who…
CVE-2022-3050
2022-09-26
HIGH
8.8
Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced…
CVE-2022-39835
2022-09-27
MEDIUM
5.3
An issue was discovered in Gajim through 1.4.7. The vulnerability allows attackers, via crafted XML stanzas, to correct messages that…
CVE-2022-34326
2022-09-27
HIGH
7.5
In ambiot amb1_sdk (aka SDK for Ameba1) before 2022-06-20 on Realtek RTL8195AM devices before 284241d70308ff2519e40afd7b284ba892c730a3, the timer task and RX…
« Anterior
Página 402 de 3521
Siguiente »
Page load link
Go to Top
