CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2025-28056 | 2025-05-13 | CRITICAL | 9.8 | rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in /admin/admin-cli/exec component. |
| CVE-2025-28055 | 2025-05-13 | HIGH | 7.5 | upset-gal-web v7.1.0 /api/music/v1/cover.ts contains an arbitrary file read vulnerabilit |
| CVE-2025-24645 | 2025-04-17 | HIGH | 7.1 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rob Scott Eazy Under Construction allows Reflected XSS.… |
| CVE-2025-22756 | 2025-05-14 | N/A | 0.0 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| CVE-2024-56526 | 2025-05-13 | HIGH | 7.5 | An issue was discovered in OXID eShop before 7. CMS pages in combination with Smarty may display user information if… |
| CVE-2022-41603 | 2022-10-14 | LOW | 3.4 | The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA). Successful exploitation of… |
| CVE-2022-41305 | 2022-10-14 | HIGH | 7.8 | A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by write access violation.… |
| CVE-2022-2865 | 2022-10-17 | HIGH | 7.3 | A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions before 15.1.6, 15.2 to 15.2.4 and 15.3… |
| CVE-2024-12302 | 2025-01-06 | MEDIUM | 6.1 | The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow… |
| CVE-2024-12311 | 2025-01-06 | MEDIUM | 6.5 | The Email Subscribers by Icegram Express WordPress plugin before 5.7.44 does not sanitize and escape a parameter before using it… |
| CVE-2024-10102 | 2025-01-07 | LOW | 2.7 | The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.22 does not sanitise and escape some of… |
| CVE-2025-30378 | 2025-05-13 | HIGH | 7.0 | Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. |
| CVE-2024-8855 | 2025-01-07 | CRITICAL | 9.8 | The WordPress Auction Plugin WordPress plugin through 3.7 does not sanitize and escape a parameter before using it in a… |
| CVE-2024-8857 | 2025-01-07 | MEDIUM | 4.8 | The WordPress Auction Plugin WordPress plugin through 3.7 does not sanitise and escape some of its settings, which could allow… |
| CVE-2025-3819 | 2025-04-19 | HIGH | 7.3 | A vulnerability has been found in PHPGurukul Men Salon Management System 1.0 and classified as critical. Affected by this vulnerability… |
| CVE-2025-4316 | 2025-05-05 | MEDIUM | 4.3 | Improper access control in PAM feature in Devolutions Server allows a PAM user to self approve their PAM requests even… |
| CVE-2025-39444 | 2025-04-17 | MEDIUM | 5.9 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maxfoundry MaxButtons allows Stored XSS. This issue affects MaxButtons:… |
| CVE-2023-43958 | 2025-04-22 | CRITICAL | 9.8 | An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php of Hospital Management System v4.0 allows an unauthenticated attacker to upload… |
| CVE-2025-47729 | 2025-05-08 | LOW | 1.9 | The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which… |
| CVE-2025-29568 | 2025-04-24 | MEDIUM | 4.8 | A vulnerability has been discovered in the code-projects Online Class and Exam Scheduling System 1.0. The issue affects some unknown… |
| CVE-2025-44134 | 2025-04-24 | MEDIUM | 6.5 | A vulnerability was found in Code-Projects Online Class and Exam Scheduling System 1.0 in the file /Scheduling/pages/class_save.php. Manipulation of parameter… |
| CVE-2025-44135 | 2025-04-24 | MEDIUM | 6.5 | A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0 in /Scheduling/pages/profile_update.php. Manipulating the parameter username will… |
| CVE-2025-41450 | 2025-05-08 | HIGH | 8.2 | Improper Authentication vulnerability in Danfoss AKSM8xxA Series. This issue affects Danfoss AK-SM 8xxA Series prior to version 4.2 |
| CVE-2025-47899 | 2025-05-14 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-47898 | 2025-05-14 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-47897 | 2025-05-14 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-47896 | 2025-05-14 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-47895 | 2025-05-14 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-47894 | 2025-05-14 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-47893 | 2025-05-14 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-47892 | 2025-05-14 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2025-47891 | 2025-05-14 | N/A | 0.0 | Rejected reason: Not used |
| CVE-2024-0340 | 2024-01-09 | MEDIUM | 4.4 | A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages… |
| CVE-2025-32912 | 2025-04-14 | MEDIUM | 6.5 | A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause… |
| CVE-2024-52616 | 2024-11-21 | MEDIUM | 5.3 | A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them… |
| CVE-2025-0793 | 2025-01-29 | MEDIUM | 6.3 | A vulnerability has been found in ESAFENET CDG V5 and classified as critical. Affected by this vulnerability is an unknown… |
| CVE-2025-0794 | 2025-01-29 | LOW | 3.5 | A vulnerability was found in ESAFENET CDG V5 and classified as problematic. Affected by this issue is some unknown functionality… |
| CVE-2025-0795 | 2025-01-29 | LOW | 3.5 | A vulnerability was found in ESAFENET CDG V5. It has been classified as problematic. This affects an unknown part of… |
| CVE-2024-45627 | 2025-01-14 | MEDIUM | 5.9 | In Apache Linkis |
| CVE-2024-9020 | 2025-01-18 | MEDIUM | 5.4 | The List category posts WordPress plugin before 0.90.3 does not validate and escape some of its shortcode attributes before outputting… |
| CVE-2024-12321 | 2025-01-27 | HIGH | 7.1 | The WC Affiliate WordPress plugin through 2.3.9 does not sanitise and escape a parameter before outputting it back in the… |
| CVE-2025-4668 | 2025-05-13 | N/A | 0.0 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All… |
| CVE-2025-46421 | 2025-04-24 | MEDIUM | 6.8 | A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header… |
| CVE-2025-46420 | 2025-04-24 | MEDIUM | 6.5 | A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality… |
| CVE-2025-32908 | 2025-04-14 | HIGH | 7.5 | A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme,… |
| CVE-2022-22128 | 2022-10-17 | CRITICAL | 9.8 | Tableau discovered a path traversal vulnerability affecting Tableau Server Administration Agent’s internal file transfer service that could allow remote code… |
| CVE-2022-0699 | 2022-10-17 | CRITICAL | 9.8 | A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause… |
| CVE-2019-14841 | 2022-10-17 | HIGH | 8.8 | A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header.… |
| CVE-2019-14840 | 2022-10-17 | HIGH | 7.5 | A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead… |
| CVE-2017-7517 | 2022-10-17 | LOW | 3.5 | An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces… |