Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Concientización
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2024-52601
2025-05-14
MEDIUM
6.5
iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, anyone with an account…
CVE-2024-10865
2025-05-14
N/A
0.0
Improper Input validation leads to XSS or Cross-site Scripting vulnerability in OpenText Advanced Authentication. This issue affects Advanced Authentication versions…
CVE-2024-10864
2025-05-14
N/A
0.0
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText Advanced Authentication. This issue affects Advanced…
CVE-2025-47436
2025-05-14
N/A
0.0
Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where…
CVE-2025-3600
2025-05-14
HIGH
7.5
In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an…
CVE-2023-53146
2025-05-14
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer() In dw2102_i2c_transfer, msg is…
CVE-2025-47445
2025-05-14
HIGH
7.5
Relative Path Traversal vulnerability in Themewinter Eventin allows Path Traversal.This issue affects Eventin: from n/a through 4.0.26.
CVE-2025-3931
2025-05-14
HIGH
7.8
A flaw was found in Yggdrasil, which acts as a system broker, allowing the processes to communicate to other children's…
CVE-2025-3769
2025-05-14
MEDIUM
5.3
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference…
CVE-2025-4430
2025-05-14
N/A
0.0
Unauthorized access to "/api/Token/gettoken" endpoint in EZD RP allows file manipulation.This issue affects EZD RP in versions before 20.19 (published…
CVE-2025-47292
2025-05-14
N/A
0.0
Cap Collectif is an online decision making platform that integrates several tools. Before commit 812f2a7d271b76deab1175bdaf2be0b8102dd198, the `DebateAlternateArgumentsResolver` deserializes a `Cursor`,…
CVE-2025-3834
2025-05-14
HIGH
8.1
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the OU History report.
CVE-2025-3833
2025-05-14
HIGH
8.1
Zohocorp ManageEngine ADSelfService Plus versions 6513 and prior are vulnerable to authenticated SQL injection in the MFA reports.
CVE-2024-24780
2025-05-14
CRITICAL
9.8
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can…
CVE-2025-2875
2025-05-14
HIGH
7.5
CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists that could cause a loss of confidentiality when…
CVE-2024-8988
2025-05-14
MEDIUM
5.3
The PeepSo Core: File Uploads plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to,…
CVE-2024-13940
2025-05-14
MEDIUM
5.5
The Ninja Forms Webhooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including,…
CVE-2024-52290
2025-05-14
MEDIUM
6.3
LF Edge eKuiper is a lightweight internet of things (IoT) data analytics and stream processing engine. Prior to version 2.1.0…
CVE-2025-4520
2025-05-14
MEDIUM
5.4
The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on…
CVE-2025-3623
2025-05-14
HIGH
8.1
The Uncanny Automator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.4.0.1…
CVE-2025-4574
2025-05-13
MEDIUM
6.5
In crossbeam-channel rust crate, the internal `Channel` type's `Drop` method has a race condition which could, in some circumstances, lead…
CVE-2025-26646
2025-05-13
HIGH
8.0
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized…
CVE-2025-24495
2025-05-13
MEDIUM
5.6
Incorrect initialization of resource in the branch prediction unit for some Intel(R) Core™ Ultra Processors may allow an authenticated user…
CVE-2025-24308
2025-05-13
HIGH
7.5
Improper input validation in the UEFI firmware error handler for the Intel(R) Server D50DNP and M50FCP may allow a privileged…
CVE-2025-23233
2025-05-13
LOW
3.5
Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially…
CVE-2025-22895
2025-05-13
MEDIUM
5.5
Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow…
CVE-2025-22892
2025-05-13
MEDIUM
6.5
Uncontrolled resource consumption for some OpenVINO™ model server software maintained by Intel(R) before version 2024.4 may allow an unauthenticated user…
CVE-2025-22848
2025-05-13
LOW
3.5
Improper conditions check for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially…
CVE-2025-22844
2025-05-13
MEDIUM
4.3
Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an unauthenticated user to potentially…
CVE-2025-22843
2025-05-13
HIGH
7.8
Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially…
CVE-2025-22448
2025-05-13
MEDIUM
6.1
Insecure inherited permissions for some Intel(R) Simics(R) Package Manager software before version 1.12.0 may allow an authenticated user to potentially…
CVE-2025-22446
2025-05-13
MEDIUM
4.6
Inadequate encryption strength for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially…
CVE-2025-21100
2025-05-13
MEDIUM
4.1
Improper initialization in the UEFI firmware for the Intel(R) Server D50DNP and M50FCP boards may allow a privileged user to…
CVE-2025-21099
2025-05-13
MEDIUM
6.7
Uncontrolled search path for some Intel(R) Graphics software may allow an authenticated user to potentially enable escalation of privilege via…
CVE-2025-21094
2025-05-13
HIGH
7.5
Improper input validation in the UEFI firmware DXE module for the Intel(R) Server D50DNP and M50FCP boards may allow a…
CVE-2025-21081
2025-05-13
MEDIUM
4.5
Protection mechanism failure for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially…
CVE-2025-20629
2025-05-13
MEDIUM
6.7
Insecure inherited permissions in the NVM Update Utility for some Intel(R) Ethernet Network Adapter E810 Series before version 4.60 may…
CVE-2025-20624
2025-05-13
MEDIUM
5.7
Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow…
CVE-2025-20623
2025-05-13
MEDIUM
5.6
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Core™ processors (10th…
CVE-2025-20618
2025-05-13
HIGH
7.9
Stack-based buffer overflow for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.100 may allow a privileged user to…
CVE-2025-20616
2025-05-13
MEDIUM
5.5
Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially…
CVE-2025-20612
2025-05-13
MEDIUM
5.5
Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially…
CVE-2025-20611
2025-05-13
MEDIUM
4.7
Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow…
CVE-2025-20108
2025-05-13
MEDIUM
6.7
Uncontrolled search path element for some Intel(R) Network Adapter Driver installers for Windows 11 before version 29.4 may allow an…
CVE-2025-20104
2025-05-13
HIGH
7.3
Race condition in some Administrative Tools for some Intel(R) Network Adapters package before version 29.4 may allow an authenticated user…
CVE-2025-20103
2025-05-13
MEDIUM
6.5
Insufficient resource pool in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable…
CVE-2025-20101
2025-05-13
HIGH
8.4
Out-of-bounds read for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable information disclosure or denial of…
CVE-2025-20100
2025-05-13
HIGH
7.5
Improper access control in the memory controller configurations for some Intel(R) Xeon(R) 6 processor with E-cores may allow a privileged…
CVE-2025-20095
2025-05-13
MEDIUM
6.7
Incorrect Default Permissions for some Intel(R) RealSense™ SDK software before version 2.56.2 may allow an authenticated user to potentially enable…
CVE-2025-20084
2025-05-13
LOW
3.5
Uncontrolled resource consumption for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially…
« Anterior
Página 431 de 3527
Siguiente »
Page load link
Go to Top
