Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-32702
2025-05-13
HIGH
7.8
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute…
CVE-2025-32703
2025-05-13
MEDIUM
5.5
Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
CVE-2025-32704
2025-05-13
HIGH
8.4
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-29839
2025-05-13
MEDIUM
4.0
Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.
CVE-2025-29840
2025-05-13
HIGH
8.8
Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.
CVE-2025-29841
2025-05-13
HIGH
7.0
Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to…
CVE-2024-4534
2024-05-27
MEDIUM
6.1
The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF check in some places, and is missing sanitisation as…
CVE-2024-4535
2024-05-27
HIGH
8.8
The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF checks in some places, which could allow attackers to…
CVE-2024-4533
2024-05-27
MEDIUM
6.5
The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not sanitize and escape a parameter before using it in a SQL…
CVE-2025-29842
2025-05-13
HIGH
7.5
Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over…
CVE-2025-29954
2025-05-13
MEDIUM
5.9
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a…
CVE-2025-29955
2025-05-13
MEDIUM
6.2
Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally.
CVE-2025-29956
2025-05-13
MEDIUM
5.4
Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.
CVE-2025-29957
2025-05-13
MEDIUM
6.2
Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.
CVE-2025-29958
2025-05-13
MEDIUM
6.5
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over…
CVE-2025-30383
2025-05-13
HIGH
7.8
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-30384
2025-05-13
HIGH
7.4
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
CVE-2025-30385
2025-05-13
HIGH
7.8
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-30386
2025-05-13
HIGH
8.4
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-30387
2025-05-13
CRITICAL
9.8
Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges…
CVE-2025-32705
2025-05-13
HIGH
7.8
Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
CVE-2025-32707
2025-05-13
HIGH
7.8
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
CVE-2025-21264
2025-05-13
HIGH
7.1
Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature…
CVE-2025-24063
2025-05-13
HIGH
7.8
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2025-26677
2025-05-13
HIGH
7.5
Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.
CVE-2025-26684
2025-05-13
MEDIUM
6.7
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
CVE-2025-26685
2025-05-13
MEDIUM
6.5
Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network.
CVE-2025-27468
2025-05-13
HIGH
7.0
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
CVE-2025-27488
2025-05-13
MEDIUM
6.7
Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally.
CVE-2025-29826
2025-05-13
HIGH
7.3
Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
CVE-2025-29829
2025-05-13
MEDIUM
5.5
Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally.
CVE-2025-29830
2025-05-13
MEDIUM
6.5
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over…
CVE-2025-29831
2025-05-13
HIGH
7.5
Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
CVE-2025-29832
2025-05-13
MEDIUM
6.5
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-29833
2025-05-13
HIGH
7.7
Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally.
CVE-2025-29835
2025-05-13
MEDIUM
6.5
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-29836
2025-05-13
MEDIUM
6.5
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-29837
2025-05-13
MEDIUM
5.5
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.
CVE-2025-29838
2025-05-13
HIGH
7.4
Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally.
CVE-2025-26784
2025-05-14
MEDIUM
6.5
An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100,…
CVE-2025-24676
2025-02-03
HIGH
7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in umangmetatagg Custom WP Store Locator allows Reflected XSS.This…
CVE-2024-6533
2024-08-15
MEDIUM
5.4
Directus v10.13.0 allows an authenticated external attacker to execute arbitrary JavaScript on the client. This is possible because the application…
CVE-2025-4917
2025-05-19
HIGH
7.3
A vulnerability classified as critical has been found in PHPGurukul Auto Taxi Stand Management System 1.0. Affected is an unknown…
CVE-2025-4916
2025-05-19
HIGH
7.3
A vulnerability was found in PHPGurukul Auto Taxi Stand Management System 1.0. It has been rated as critical. This issue…
CVE-2025-4915
2025-05-19
HIGH
7.3
A vulnerability was found in PHPGurukul Auto Taxi Stand Management System 1.0. It has been declared as critical. This vulnerability…
CVE-2025-4914
2025-05-19
HIGH
7.3
A vulnerability was found in PHPGurukul Auto Taxi Stand Management System 1.0. It has been classified as critical. This affects…
CVE-2025-4913
2025-05-19
HIGH
7.3
A vulnerability was found in PHPGurukul Auto Taxi Stand Management System 1.0 and classified as critical. Affected by this issue…
CVE-2025-47760
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8…
CVE-2025-47759
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function. Opening specially crafted V7 or V8…
CVE-2025-47758
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_name function. Opening specially crafted V7 or V8…
« Anterior
Página 413 de 3522
Siguiente »
Page load link
Go to Top
