CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2022-35053 | 2022-10-14 | MEDIUM | 6.5 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x61731f. |
| CVE-2022-32931 | 2024-01-10 | MEDIUM | 5.5 | This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app with root… |
| CVE-2022-2985 | 2022-10-14 | HIGH | 7.8 | In music service, there is a missing permission check. This could lead to elevation of privilege in contacts service with… |
| CVE-2022-2984 | 2022-10-14 | MEDIUM | 5.5 | In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead… |
| CVE-2022-35052 | 2022-10-14 | MEDIUM | 6.5 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b84b1. |
| CVE-2022-25661 | 2022-10-19 | HIGH | 8.4 | Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,… |
| CVE-2022-2963 | 2022-10-14 | HIGH | 7.5 | A vulnerability found in jasper. This security vulnerability happens because of a memory leak bug in function cmdopts_parse that can… |
| CVE-2022-2850 | 2022-10-14 | MEDIUM | 6.5 | A flaw was found in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL… |
| CVE-2022-2780 | 2022-10-14 | HIGH | 8.1 | In affected versions of Octopus Server it is possible to use the Git Connectivity test function on the VCS project… |
| CVE-2022-25660 | 2022-10-19 | HIGH | 7.8 | Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,… |
| CVE-2024-7056 | 2024-11-25 | MEDIUM | 4.8 | The WPForms WordPress plugin before 1.9.1.6 does not sanitise and escape some of its settings, which could allow high privilege… |
| CVE-2024-10471 | 2024-11-26 | MEDIUM | 4.8 | The Everest Forms WordPress plugin before 3.0.4.2 does not sanitise and escape some of its settings, which could allow high… |
| CVE-2024-46054 | 2024-11-27 | CRITICAL | 9.8 | OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload… |
| CVE-2024-3405 | 2024-05-15 | HIGH | 7.6 | The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its settings, which could… |
| CVE-2024-3406 | 2024-05-15 | HIGH | 8.8 | The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its email settings, which… |
| CVE-2024-3407 | 2024-05-15 | MEDIUM | 5.3 | The WP Prayer WordPress plugin through 2.0.9 does not have CSRF checks in some places, which could allow attackers to… |
| CVE-2024-3629 | 2024-05-15 | LOW | 2.4 | The HL Twitter WordPress plugin through 2014.1.18 does not have CSRF check in place when updating its settings, which could… |
| CVE-2022-39117 | 2022-10-14 | MEDIUM | 5.5 | In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution… |
| CVE-2022-39115 | 2022-10-14 | MEDIUM | 5.5 | In Music service, there is a missing permission check. This could lead to local denial of service in Music service… |
| CVE-2022-39114 | 2022-10-14 | MEDIUM | 5.5 | In Music service, there is a missing permission check. This could lead to local denial of service in Music service… |
| CVE-2022-39112 | 2022-10-14 | MEDIUM | 5.5 | In Music service, there is a missing permission check. This could lead to local denial of service in Music service… |
| CVE-2022-41199 | 2022-10-11 | HIGH | 7.8 | Due to lack of proper memory management, when a victim opens a manipulated Open Inventor File (.iv, vrml.x3d) file received… |
| CVE-2022-39111 | 2022-10-14 | HIGH | 7.8 | In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with… |
| CVE-2022-39110 | 2022-10-14 | HIGH | 7.8 | In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with… |
| CVE-2022-39065 | 2022-10-14 | MEDIUM | 6.5 | A single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI gateway unresponsive, such that connected lighting cannot be controlled with… |
| CVE-2022-38986 | 2022-10-14 | CRITICAL | 9.1 | The HIPP module has a vulnerability of bypassing the check of the data transferred in the kernel space. Successful exploitation of… |
| CVE-2022-2828 | 2022-10-13 | MEDIUM | 6.5 | In affected versions of Octopus Server it is possible to reveal information about teams via the API due to an… |
| CVE-2024-3630 | 2024-05-15 | MEDIUM | 5.4 | The HL Twitter WordPress plugin through 2014.1.18 does not sanitise and escape some of its settings, which could allow high… |
| CVE-2024-2220 | 2024-05-23 | LOW | 3.5 | The Button contact VR WordPress plugin through 4.7 does not sanitise and escape some of its settings, which could allow… |
| CVE-2024-3631 | 2024-05-15 | MEDIUM | 4.3 | The HL Twitter WordPress plugin through 2014.1.18 does not have CSRF check when unlinking twitter accounts, which could allow attackers… |
| CVE-2024-3748 | 2024-05-15 | MEDIUM | 6.5 | The SP Project & Document Manager WordPress plugin through 4.71 is missing validation in its upload function, allowing a user… |
| CVE-2024-3749 | 2024-05-15 | MEDIUM | 6.5 | The SP Project & Document Manager WordPress plugin through 4.71 lacks proper access controllers and allows a logged in user… |
| CVE-2024-1204 | 2024-04-15 | MEDIUM | 4.3 | The Meta Box WordPress plugin before 5.9.4 does not prevent users with at least the contributor role from access arbitrary… |
| CVE-2024-3822 | 2024-05-15 | MEDIUM | 4.8 | The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not sanitise and escape a parameter before outputting it back in the… |
| CVE-2024-3823 | 2024-05-15 | LOW | 2.4 | The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check when updating its settings, and is missing sanitisation… |
| CVE-2024-3824 | 2024-05-15 | MEDIUM | 5.5 | The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check in place when resetting its settings, which could… |
| CVE-2023-35723 | 2024-05-03 | HIGH | 8.8 | D-Link DIR-X3260 prog.cgi SOAPAction Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on… |
| CVE-2023-41230 | 2024-05-03 | HIGH | 8.8 | D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute… |
| CVE-2023-41229 | 2024-05-03 | HIGH | 8.8 | D-Link DIR-3040 HTTP Request Processing Referer Heap-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute… |
| CVE-2023-41228 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetUsersSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41227 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetTriggerPPPoEValidate Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41226 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetMyDLinkRegistration Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41225 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetIPv6PppoeSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41224 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetDeviceSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41223 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary… |
| CVE-2023-41221 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41220 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41219 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41218 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41217 | 2024-05-03 | HIGH | 7.1 | D-Link DIR-3040 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary… |