CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2023-41221 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41220 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41219 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41218 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41217 | 2024-05-03 | HIGH | 7.1 | D-Link DIR-3040 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary… |
| CVE-2023-41216 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-41222 | 2024-05-03 | MEDIUM | 6.8 | D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code… |
| CVE-2023-5677 | 2024-02-05 | MEDIUM | 6.3 | Brandon Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi did not… |
| CVE-2024-46076 | 2024-10-07 | CRITICAL | 9.8 | RuoYi v4.7.9 and before has a security flaw that allows escaping from comments within the code generation feature, enabling the… |
| CVE-2025-4467 | 2025-05-09 | HIGH | 7.3 | A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects… |
| CVE-2025-4358 | 2025-05-06 | HIGH | 7.3 | A vulnerability classified as critical has been found in PHPGurukul Company Visitor Management System 2.0. Affected is an unknown function… |
| CVE-2024-10969 | 2024-11-07 | HIGH | 7.3 | A vulnerability was found in 1000 Projects Bookstore Management System 1.0. It has been rated as critical. Affected by this… |
| CVE-2024-7128 | 2024-07-26 | MEDIUM | 5.3 | A flaw was found in the OpenShift console. Several endpoints in the application use the authHandler() and authHandlerWithUser() middleware functions.… |
| CVE-2024-8447 | 2025-01-02 | MEDIUM | 5.9 | A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution… |
| CVE-2025-2651 | 2025-03-23 | MEDIUM | 5.3 | A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function… |
| CVE-2025-2602 | 2025-03-21 | MEDIUM | 6.3 | A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. This vulnerability… |
| CVE-2025-2601 | 2025-03-21 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This affects… |
| CVE-2025-2377 | 2025-03-17 | LOW | 3.5 | A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as problematic. Affected by this issue is some… |
| CVE-2025-1607 | 2025-02-24 | MEDIUM | 4.3 | A vulnerability, which was classified as problematic, has been found in SourceCodester Best Employee Management System 1.0. This issue affects… |
| CVE-2025-1587 | 2025-02-23 | MEDIUM | 5.3 | A vulnerability was found in SourceCodester Telecom Billing Management System 1.0. It has been rated as critical. This issue affects… |
| CVE-2025-1166 | 2025-02-11 | MEDIUM | 6.3 | A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical. Affected by this vulnerability is… |
| CVE-2022-42147 | 2022-10-17 | MEDIUM | 6.1 | kkFileView 4.0 is vulnerable to Cross Site Scripting (XSS) via controller\ Filecontroller.java. |
| CVE-2022-42143 | 2022-10-17 | HIGH | 7.2 | Open Source SACCO Management System v1.0 is vulnerable to SQL Injection via /sacco_shield/manage_payment.php. |
| CVE-2022-42142 | 2022-10-17 | HIGH | 7.2 | Online Tours & Travels Management System v1.0 is vulnerable to Arbitrary code execution via ip/tour/admin/operations/update_settings.php. |
| CVE-2022-42149 | 2022-10-17 | CRITICAL | 9.8 | kkFileView 4.0 is vulnerable to Server-side request forgery (SSRF) via controller\OnlinePreviewController.java. |
| CVE-2022-42154 | 2022-10-17 | CRITICAL | 9.8 | An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a… |
| CVE-2022-42029 | 2022-10-17 | HIGH | 8.8 | Chamilo 1.11.16 is affected by an authenticated local file inclusion vulnerability which allows authenticated users with access to 'big file… |
| CVE-2022-41594 | 2022-10-14 | LOW | 3.4 | The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA). Successful exploitation of… |
| CVE-2022-41593 | 2022-10-14 | LOW | 3.4 | The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA). Successful exploitation of… |
| CVE-2022-41592 | 2022-10-14 | LOW | 3.4 | The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA). Successful exploitation of… |
| CVE-2022-41588 | 2022-10-14 | HIGH | 7.5 | The home screen module has a vulnerability in service logic processing. Successful exploitation of this vulnerability may affect data integrity. |
| CVE-2022-41586 | 2022-10-14 | HIGH | 7.5 | The communication framework module has a vulnerability of not truncating data properly. Successful exploitation of this vulnerability may affect data confidentiality. |
| CVE-2022-41431 | 2022-10-17 | MEDIUM | 5.4 | xzs v3.8.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /admin/question/edit. This vulnerability allows attackers to… |
| CVE-2022-41139 | 2022-10-17 | MEDIUM | 5.4 | MITRE CALDERA 4.1.0 allows stored XSS via app.contact.gist (aka the gist contact configuration field), leading to execution of arbitrary commands… |
| CVE-2022-41472 | 2022-10-17 | MEDIUM | 5.4 | 74cmsSE v3.12.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. This vulnerability allows attackers to… |
| CVE-2022-41471 | 2022-10-17 | MEDIUM | 6.5 | 74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change the rights and credentials of the Super Administrator account. |
| CVE-2022-41580 | 2022-10-14 | CRITICAL | 9.8 | The HW_KEYMASTER module has a vulnerability of not verifying the data read. Successful exploitation of this vulnerability may cause malicious construction… |
| CVE-2022-41578 | 2022-10-14 | CRITICAL | 9.8 | The MPTCP module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by… |
| CVE-2022-40844 | 2022-11-15 | MEDIUM | 5.4 | In Tenda (Shenzhen Tenda Technology Co., Ltd) AC1200 Router model W15Ev2 V15.11.0.10(1576), a Stored Cross Site Scripting (XSS) issue exists… |
| CVE-2022-40606 | 2022-10-17 | MEDIUM | 6.1 | MITRE CALDERA before 4.1.0 allows XSS in the Operations tab and/or Debrief plugin via a crafted operation name, a different… |
| CVE-2022-40605 | 2022-10-17 | MEDIUM | 6.1 | MITRE CALDERA before 4.1.0 allows XSS in the Operations tab and/or Debrief plugin via a crafted operation name, a different… |
| CVE-2022-40055 | 2022-10-17 | CRITICAL | 9.8 | An issue in GX Group GPON ONT Titanium 2122A T2122-V1.26EXL allows attackers to escalate privileges via a brute force attack… |
| CVE-2022-3331 | 2022-10-17 | LOW | 3.5 | An issue has been discovered in GitLab EE affecting all versions starting from 14.5 before 15.1.6, all versions starting from… |
| CVE-2022-3243 | 2022-10-17 | HIGH | 7.2 | The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not properly sanitise and escape imported data before… |
| CVE-2022-3206 | 2022-10-17 | MEDIUM | 5.9 | The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named "passster" using base64 encoding method which is… |
| CVE-2022-3165 | 2022-10-17 | MEDIUM | 6.5 | An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A… |
| CVE-2024-3353 | 2024-04-05 | HIGH | 7.3 | A vulnerability was found in SourceCodester Aplaya Beach Resort Online Reservation System 1.0 and classified as critical. This issue affects… |
| CVE-2024-2569 | 2024-03-18 | HIGH | 7.3 | A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is… |
| CVE-2025-29824 | 2025-04-08 | HIGH | 7.8 | Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
| CVE-2025-3244 | 2025-04-04 | MEDIUM | 6.3 | A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been declared as critical. Affected by… |