CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2021-41433 | 2022-09-27 | CRITICAL | 9.8 | SQL Injection vulnerability exists in version 1.0 of the Resumes Management and Job Application Website application login form by EGavilan… |
| CVE-2021-27862 | 2022-09-27 | MEDIUM | 4.7 | Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and… |
| CVE-2021-27861 | 2022-09-27 | MEDIUM | 4.7 | Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and… |
| CVE-2021-27854 | 2022-09-27 | MEDIUM | 4.7 | Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP… |
| CVE-2025-26091 | 2025-03-04 | MEDIUM | 4.6 | A Cross Site Scripting (XSS) vulnerability exists in TeamPasswordManager v12.162.284 and before that could allow a remote attacker to execute… |
| CVE-2025-33072 | 2025-05-08 | HIGH | 8.1 | Improper access control in Azure allows an unauthorized attacker to disclose information over a network. |
| CVE-2024-44674 | 2024-10-07 | MEDIUM | 5.7 | D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub_24E28, the HTTP_REFERER is obtained through an environment variable,… |
| CVE-2025-47732 | 2025-05-08 | HIGH | 8.7 | Microsoft Dataverse Remote Code Execution Vulnerability |
| CVE-2024-44589 | 2024-09-18 | HIGH | 8.8 | Stack overflow vulnerability in the Login function in the HNAP service in D-Link DCS-960L with firmware 1.09 allows attackers to… |
| CVE-2025-47733 | 2025-05-08 | CRITICAL | 9.1 | Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to disclose information over a network |
| CVE-2024-33774 | 2024-05-14 | MEDIUM | 6.5 | A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanSetup_Wizard allows remote authenticated users to trigger a… |
| CVE-2024-33773 | 2024-05-14 | MEDIUM | 6.5 | A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formWlanGuestSetup allows remote authenticated users to trigger a… |
| CVE-2024-33772 | 2024-05-14 | MEDIUM | 5.7 | A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via formTcpipSetup allows remote authenticated users to trigger a… |
| CVE-2024-33771 | 2024-05-14 | MEDIUM | 6.5 | A buffer overflow vulnerability in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 via goform/formWPS, allows remote authenticated users to trigger a… |
| CVE-2025-3810 | 2025-05-09 | CRITICAL | 9.8 | The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including,… |
| CVE-2025-4773 | 2025-05-16 | HIGH | 7.3 | A vulnerability was found in PHPGurukul Online Course Registration 3.1 and classified as critical. Affected by this issue is some… |
| CVE-2025-4777 | 2025-05-16 | MEDIUM | 6.3 | A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been classified as critical. This affects an… |
| CVE-2025-39481 | 2025-05-16 | CRITICAL | 9.3 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in imithemes Eventer allows Blind SQL Injection.… |
| CVE-2025-4771 | 2025-05-16 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function… |
| CVE-2025-45746 | 2025-05-13 | MEDIUM | 6.5 | In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the hardcoded secret to authenticate to the… |
| CVE-2022-40890 | 2022-09-29 | HIGH | 7.5 | A vulnerability in /src/amf/amf-context.c in Open5GS 2.4.10 and earlier leads to AMF denial of service. |
| CVE-2022-40363 | 2022-09-29 | MEDIUM | 5.5 | A buffer overflow in the component nfc_device_load_mifare_ul_data of Flipper Devices Inc., Flipper Zero before v0.65.2 allows attackers to cause a… |
| CVE-2022-30935 | 2022-09-28 | CRITICAL | 9.1 | An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict password reset tokens for any user through the use… |
| CVE-2022-32170 | 2022-09-28 | MEDIUM | 4.3 | The “Bytebase” application does not restrict low privilege user to access admin “projects” for which an unauthorized user can view… |
| CVE-2022-32169 | 2022-09-28 | MEDIUM | 4.3 | The “Bytebase” application does not restrict low privilege user to access “admin issues” for which an unauthorized user can view… |
| CVE-2025-3811 | 2025-05-09 | CRITICAL | 9.8 | The WPBookit plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including,… |
| CVE-2025-4901 | 2025-05-19 | MEDIUM | 4.3 | A vulnerability classified as problematic was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Affected by this vulnerability is the function sub_41E304… |
| CVE-2025-4756 | 2025-05-16 | MEDIUM | 5.3 | A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). It has been declared as problematic. This vulnerability affects unknown code… |
| CVE-2025-4902 | 2025-05-19 | MEDIUM | 5.3 | A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125). Affected by this issue is… |
| CVE-2025-3878 | 2025-05-10 | MEDIUM | 6.4 | The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sa_verify… |
| CVE-2025-3876 | 2025-05-10 | HIGH | 8.8 | The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to insufficient user OTP… |
| CVE-2024-48150 | 2024-10-14 | CRITICAL | 9.8 | D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_451208 function. |
| CVE-2025-4911 | 2025-05-19 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function… |
| CVE-2024-36832 | 2024-12-17 | HIGH | 7.5 | A NULL pointer dereference in D-Link DAP-1513 REVA_FIRMWARE_1.01 allows attackers to cause a Denial of Service (DoS) via a crafted… |
| CVE-2024-44411 | 2024-09-09 | CRITICAL | 9.8 | D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the msp_info_htm function. |
| CVE-2024-57045 | 2025-02-18 | CRITICAL | 9.8 | A vulnerability in the D-Link DIR-859 router with firmware version A3 1.05 and earlier permits unauthorized individuals to bypass the… |
| CVE-2024-34950 | 2024-05-14 | HIGH | 7.5 | D-Link DIR-822+ v1.0.5 was discovered to contain a stack-based buffer overflow vulnerability in the SetNetworkTomographySettings module. |
| CVE-2024-33111 | 2024-05-06 | MEDIUM | 5.4 | D-Link DIR-845L router |
| CVE-2024-33112 | 2024-05-06 | HIGH | 7.5 | D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main()func. |
| CVE-2024-33113 | 2024-05-06 | MEDIUM | 5.3 | D-LINK DIR-845L |
| CVE-2024-33110 | 2024-05-06 | CRITICAL | 9.1 | D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Permission Bypass via the getcfg.php component. |
| CVE-2025-4925 | 2025-05-19 | HIGH | 7.3 | A vulnerability has been found in PHPGurukul Daily Expense Tracker System 1.1 and classified as critical. Affected by this vulnerability… |
| CVE-2024-33345 | 2024-04-29 | MEDIUM | 6.5 | D-Link DIR-823G A1V1.0.2B05 was found to contain a Null-pointer dereference in the main function of upload_firmware.cgi, which allows remote attackers… |
| CVE-2024-33344 | 2024-04-26 | CRITICAL | 9.8 | D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of upload_firmware.cgi, which allows remote attackers to… |
| CVE-2024-33343 | 2024-04-26 | HIGH | 8.8 | D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings function of prog.cgi, which allows remote attackers to… |
| CVE-2024-33342 | 2024-04-26 | HIGH | 7.5 | D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of prog.cgi, which allows remote attackers to… |
| CVE-2025-4926 | 2025-05-19 | MEDIUM | 4.7 | A vulnerability was found in PHPGurukul Car Rental Project 1.0 and classified as critical. Affected by this issue is some… |
| CVE-2025-4927 | 2025-05-19 | HIGH | 7.3 | A vulnerability was found in PHPGurukul Online Marriage Registration System 1.0. It has been classified as critical. This affects an… |
| CVE-2023-49575 | 2024-05-24 | HIGH | 7.1 | A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14, in Sync Breeze Enterprise Server 10.4.18 version, and in Disk… |
| CVE-2023-49572 | 2024-05-24 | HIGH | 7.1 | A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14, and in Disk Pulse Enterprise 10.4.18 version, that could… |