CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2024-47550 | 2025-05-13 | MEDIUM | 6.7 | Incorrect default permissions for some Endurance Gaming Mode software installers may allow an authenticated user to potentially enable escalation of… |
| CVE-2024-46895 | 2025-05-13 | MEDIUM | 6.7 | Uncontrolled search path for some Intel(R) Arc™ & Iris(R) Xe graphics software before version 32.0.101.6083/32.0.101.5736 may allow an authenticated user… |
| CVE-2024-45371 | 2025-05-13 | MEDIUM | 6.7 | Improper access control for some Intel(R) Arc™ & Iris(R) Xe graphics software before version 32.0.101.6077 may allow an authenticated user… |
| CVE-2024-45333 | 2025-05-13 | HIGH | 7.3 | Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an… |
| CVE-2024-45332 | 2025-05-13 | MEDIUM | 5.6 | Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for… |
| CVE-2024-43420 | 2025-05-13 | MEDIUM | 5.6 | Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel Atom(R) processors may… |
| CVE-2024-43101 | 2025-05-13 | MEDIUM | 5.3 | Improper access control for some Intel(R) Data Center GPU Flex Series for Windows driver software before version 31.0.101.4255 may allow… |
| CVE-2024-39833 | 2025-05-13 | MEDIUM | 6.7 | Uncontrolled search path for some Intel(R) QAT software before version 2.3.0 may allow an authenticated user to potentially enable escalation… |
| CVE-2024-39758 | 2025-05-13 | MEDIUM | 5.9 | Improper access control for some Intel(R) Arc™ & Iris(R) Xe graphics software before version 31.0.101.4032 may allow an authenticated user… |
| CVE-2024-36292 | 2025-05-13 | HIGH | 7.3 | Improper buffer restrictions for some Intel(R) Data Center GPU Flex Series for Windows driver before version 31.0.101.4314 may allow an… |
| CVE-2024-31150 | 2025-05-13 | LOW | 3.8 | Out-of-bounds read for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable information disclosure via local… |
| CVE-2024-31073 | 2025-05-13 | MEDIUM | 6.7 | Uncontrolled search path for some Intel(R) oneAPI Level Zero software may allow an authenticated user to potentially enable escalation of… |
| CVE-2024-29222 | 2025-05-13 | MEDIUM | 6.1 | Out-of-bounds write for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable denial of service via… |
| CVE-2024-28956 | 2025-05-13 | MEDIUM | 5.6 | Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user… |
| CVE-2024-28954 | 2025-05-13 | MEDIUM | 6.7 | Incorrect default permissions for some Intel(R) Graphics Driver installers may allow an authenticated user to potentially enable escalation of privilege… |
| CVE-2024-28036 | 2025-05-13 | MEDIUM | 5.6 | Improper conditions check for some Intel(R) Arc™ GPU may allow an authenticated user to potentially enable denial of service via… |
| CVE-2025-46400 | 2025-04-23 | MEDIUM | 4.7 | In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via… |
| CVE-2025-46399 | 2025-04-23 | MEDIUM | 4.7 | In xfig diagramming tool, a segmentation fault in fig2dev allows memory corruption via local input manipulation at genge_itp_spline function. |
| CVE-2025-46398 | 2025-04-23 | MEDIUM | 4.7 | In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function. |
| CVE-2025-46397 | 2025-04-23 | MEDIUM | 4.7 | In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation at the bezier_spline function. |
| CVE-2025-32922 | 2025-05-15 | HIGH | 7.1 | Cross-Site Request Forgery (CSRF) vulnerability in Tobias WP2LEADS allows Stored XSS.This issue affects WP2LEADS: from n/a through 3.5.0. |
| CVE-2025-30476 | 2025-05-15 | MEDIUM | 5.3 | Dell PowerScale InsightIQ, version 5.2, contains an uncontrolled resource consumption vulnerability. An unauthenticated attacker with remote access could potentially exploit… |
| CVE-2025-30475 | 2025-05-15 | HIGH | 8.1 | Dell PowerScale InsightIQ, versions 5.0 through 5.2, contains an improper privilege management vulnerability. An unauthenticated attacker with remote access could… |
| CVE-2025-26481 | 2025-05-15 | HIGH | 7.5 | Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an uncontrolled resource consumption vulnerability. A remote unprivileged attacker could potentially exploit… |
| CVE-2024-56006 | 2025-05-15 | MEDIUM | 5.3 | Missing Authorization vulnerability in Automattic Jetpack Debug Tools.This issue affects Jetpack Debug Tools: from n/a before 2.0.1. |
| CVE-2024-51666 | 2025-05-15 | MEDIUM | 4.3 | Missing Authorization vulnerability in Automattic Tours.This issue affects Tours: from n/a through 1.0.0. |
| CVE-2025-47774 | 2025-05-15 | N/A | 0.0 | Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, the `slice()`… |
| CVE-2025-47285 | 2025-05-15 | N/A | 0.0 | Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, `concat()` may… |
| CVE-2025-47279 | 2025-05-15 | LOW | 3.1 | Undici is an HTTP/1.1 client for Node.js. Prior to versions 5.29.0, 6.21.2, and 7.5.0, applications that use undici to implement… |
| CVE-2025-44110 | 2025-05-15 | MEDIUM | 5.4 | FluxBB 1.5.11 is vulnerable to Cross Site Scripting (XSS) in via the Forum Description Field in admin_forums.php. |
| CVE-2025-43853 | 2025-05-15 | N/A | 0.0 | The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface… |
| CVE-2025-47580 | 2025-05-15 | MEDIUM | 5.4 | Missing Authorization vulnerability in Rustaurius Front End Users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Front End… |
| CVE-2025-48051 | 2025-05-15 | MEDIUM | 4.7 | powertip.ts in Lila (for Lichess) before ab0beaf allows XSS in some applications because of an innerHTML usage pattern in which… |
| CVE-2025-3440 | 2025-05-15 | MEDIUM | 5.5 | IBM Security Guardium 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript… |
| CVE-2025-2570 | 2025-05-15 | LOW | 2.7 | Mattermost versions 10.5.x |
| CVE-2025-2527 | 2025-05-15 | MEDIUM | 4.3 | Mattermost versions 10.5.x |
| CVE-2025-4701 | 2025-05-15 | MEDIUM | 5.3 | A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the… |
| CVE-2025-46052 | 2025-05-15 | CRITICAL | 9.8 | An error-based SQL Injection (SQLi) vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL command and extract sensitive data… |
| CVE-2025-4762 | 2025-05-15 | N/A | 0.0 | Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna product versions 1.0 to 1.5 on all platforms… |
| CVE-2025-4564 | 2025-05-15 | CRITICAL | 9.8 | The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation… |
| CVE-2025-3446 | 2025-05-15 | MEDIUM | 4.3 | Mattermost versions 10.6.x |
| CVE-2025-31947 | 2025-05-15 | MEDIUM | 5.8 | Mattermost versions 10.6.x |
| CVE-2025-32738 | 2025-05-15 | MEDIUM | 5.3 | Missing authentication for critical function issue exists in I-O DATA network attached hard disk 'HDL-T Series' firmware Ver.1.21 and earlier.… |
| CVE-2025-32002 | 2025-05-15 | CRITICAL | 9.8 | Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in I-O DATA network attached… |
| CVE-2025-4737 | 2025-05-15 | MEDIUM | 6.2 | Insufficient encryption vulnerability in the mobile application (com.transsion.aivoiceassistant) may lead to the risk of sensitive information leakage. |
| CVE-2025-27525 | 2025-05-15 | LOW | 3.9 | Information Exposure vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management… |
| CVE-2025-27524 | 2025-05-15 | MEDIUM | 5.3 | Weak encryption vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management… |
| CVE-2025-27523 | 2025-05-15 | HIGH | 8.7 | XXE vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2… |
| CVE-2025-48027 | 2025-05-15 | MEDIUM | 5.4 | The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary controls DNS resolution for pginaloginserver. |
| CVE-2024-13914 | 2025-05-15 | HIGH | 7.2 | The File Manager Advanced Shortcode WordPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,… |