Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-29955
2025-05-13
MEDIUM
6.2
Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally.
CVE-2025-29956
2025-05-13
MEDIUM
5.4
Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.
CVE-2025-29957
2025-05-13
MEDIUM
6.2
Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.
CVE-2025-29958
2025-05-13
MEDIUM
6.5
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over…
CVE-2025-30383
2025-05-13
HIGH
7.8
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-30384
2025-05-13
HIGH
7.4
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally.
CVE-2025-30385
2025-05-13
HIGH
7.8
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-30386
2025-05-13
HIGH
8.4
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-30387
2025-05-13
CRITICAL
9.8
Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges…
CVE-2025-32705
2025-05-13
HIGH
7.8
Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.
CVE-2025-32707
2025-05-13
HIGH
7.8
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
CVE-2025-21264
2025-05-13
HIGH
7.1
Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature…
CVE-2025-24063
2025-05-13
HIGH
7.8
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2025-26677
2025-05-13
HIGH
7.5
Uncontrolled resource consumption in Remote Desktop Gateway Service allows an unauthorized attacker to deny service over a network.
CVE-2025-26684
2025-05-13
MEDIUM
6.7
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
CVE-2025-26685
2025-05-13
MEDIUM
6.5
Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to perform spoofing over an adjacent network.
CVE-2025-27468
2025-05-13
HIGH
7.0
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
CVE-2025-27488
2025-05-13
MEDIUM
6.7
Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to elevate privileges locally.
CVE-2025-29826
2025-05-13
HIGH
7.3
Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
CVE-2025-29829
2025-05-13
MEDIUM
5.5
Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally.
CVE-2025-29830
2025-05-13
MEDIUM
6.5
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over…
CVE-2025-29831
2025-05-13
HIGH
7.5
Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.
CVE-2025-29832
2025-05-13
MEDIUM
6.5
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-29833
2025-05-13
HIGH
7.7
Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally.
CVE-2025-29835
2025-05-13
MEDIUM
6.5
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-29836
2025-05-13
MEDIUM
6.5
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-29837
2025-05-13
MEDIUM
5.5
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.
CVE-2025-29838
2025-05-13
HIGH
7.4
Null pointer dereference in Windows Drivers allows an unauthorized attacker to elevate privileges locally.
CVE-2025-26784
2025-05-14
MEDIUM
6.5
An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100,…
CVE-2025-24676
2025-02-03
HIGH
7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in umangmetatagg Custom WP Store Locator allows Reflected XSS.This…
CVE-2024-6533
2024-08-15
MEDIUM
5.4
Directus v10.13.0 allows an authenticated external attacker to execute arbitrary JavaScript on the client. This is possible because the application…
CVE-2025-4917
2025-05-19
HIGH
7.3
A vulnerability classified as critical has been found in PHPGurukul Auto Taxi Stand Management System 1.0. Affected is an unknown…
CVE-2025-4916
2025-05-19
HIGH
7.3
A vulnerability was found in PHPGurukul Auto Taxi Stand Management System 1.0. It has been rated as critical. This issue…
CVE-2025-4915
2025-05-19
HIGH
7.3
A vulnerability was found in PHPGurukul Auto Taxi Stand Management System 1.0. It has been declared as critical. This vulnerability…
CVE-2025-4914
2025-05-19
HIGH
7.3
A vulnerability was found in PHPGurukul Auto Taxi Stand Management System 1.0. It has been classified as critical. This affects…
CVE-2025-4913
2025-05-19
HIGH
7.3
A vulnerability was found in PHPGurukul Auto Taxi Stand Management System 1.0 and classified as critical. Affected by this issue…
CVE-2025-47760
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8…
CVE-2025-47759
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom function. Opening specially crafted V7 or V8…
CVE-2025-47758
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_name function. Opening specially crafted V7 or V8…
CVE-2025-47757
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6MemInIF.dll!set_plc_type_default function. Opening specially crafted V7 or V8 files…
CVE-2025-47756
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CGamenDataRom::set_mr400_strc function. Opening specially crafted V7 or V8 files…
CVE-2025-47755
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!VS4_SaveEnvFile function. Opening specially crafted V7 or V8 files…
CVE-2025-47754
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!Conv_Macro_Data function. Opening specially crafted V7 or V8 files…
CVE-2025-47753
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CDrawSLine::GetRectArea function. Opening specially crafted V7 or V8 files…
CVE-2025-47752
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6ComFile!MakeItemGlidZahyou function. Opening specially crafted V7 or V8 files…
CVE-2025-47751
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6EditData!CDataRomErrorCheck::MacroCommandCheck function. Opening specially crafted V7 or V8 files…
CVE-2025-47750
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files…
CVE-2025-47749
2025-05-19
HIGH
7.8
V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening…
CVE-2024-2692
2024-04-04
CRITICAL
9.0
SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server…
CVE-2024-2045
2024-03-01
MEDIUM
5.5
Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent. This…
« Anterior
Página 416 de 3525
Siguiente »
Page load link
Go to Top
