Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-43194
2025-07-30
CRITICAL
9.8
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura…
CVE-2025-43186
2025-07-30
CRITICAL
9.8
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS 18.6,…
CVE-2025-43185
2025-07-30
MEDIUM
5.5
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6. An app may…
CVE-2025-30480
2025-07-30
MEDIUM
6.5
Dell PowerProtect Data Manager, versions prior to 19.19, contain(s) an Improper Input Validation vulnerability in PowerProtect Data Manager. A low…
CVE-2025-30105
2025-07-30
HIGH
8.8
Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local…
CVE-2025-26332
2025-07-30
HIGH
8.8
TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A…
CVE-2025-24224
2025-07-30
HIGH
7.5
The issue was addressed with improved checks. This issue is fixed in tvOS 18.5, iOS 18.5 and iPadOS 18.5, iPadOS…
CVE-2025-24188
2025-07-30
MEDIUM
6.5
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6. Processing maliciously crafted web…
CVE-2025-8353
2025-07-30
MEDIUM
5.9
UI synchronization issue in the Just-in-Time (JIT) access request approval interface in Devolutions Server 2025.2.4.0 and earlier allows a remote…
CVE-2025-8312
2025-07-30
HIGH
7.1
Deadlock in PAM automatic check-in feature in Devolutions Server allows a password to remain valid beyond the end of its…
CVE-2025-36611
2025-07-30
HIGH
7.3
Dell Encryption and Dell Security Management Server, versions prior to 11.11.0, contain an Improper Link Resolution Before File Access ('Link…
CVE-2025-50578
2025-07-30
CRITICAL
9.8
LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP headers, specifically `X-Forwarded-Host` and `Referer`. An unauthenticated remote…
CVE-2025-43270
2025-07-30
HIGH
8.8
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7,…
CVE-2025-43260
2025-07-30
MEDIUM
5.1
This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An…
CVE-2025-43247
2025-07-30
MEDIUM
5.5
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS…
CVE-2025-43237
2025-07-30
CRITICAL
9.8
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6. An app…
CVE-2025-43196
2025-07-30
HIGH
7.8
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7,…
CVE-2023-2593
2025-07-30
MEDIUM
5.9
A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from the lack of memory…
CVE-2025-8326
2025-07-30
HIGH
7.3
A vulnerability classified as critical has been found in code-projects Exam Form Submission 1.0. Affected is an unknown function of…
CVE-2025-8319
2025-07-30
MEDIUM
6.1
the BMA login interface allows arbitrary JavaScript or HTML to be written straight into the page’s Document Object Model via…
CVE-2025-54573
2025-07-30
MEDIUM
4.3
CVAT is an open source interactive video and image annotation tool for computer vision. In versions 1.1.0 through 2.41.0, email…
CVE-2025-54433
2025-07-30
N/A
0.0
Bugsink is a self-hosted error tracking service. In versions 1.4.2 and below, 1.5.0 through 1.5.4, 1.6.0 through 1.6.3, and 1.7.0…
CVE-2025-53944
2025-07-30
HIGH
7.7
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents. In v0.6.15 and below,…
CVE-2025-53357
2025-07-30
MEDIUM
5.4
GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides…
CVE-2025-8292
2025-07-30
HIGH
8.8
Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap…
CVE-2025-54381
2025-07-29
CRITICAL
9.9
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. In versions 1.4.0…
CVE-2025-53113
2025-07-30
LOW
2.7
GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides…
CVE-2025-53112
2025-07-30
MEDIUM
4.3
GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software…
CVE-2025-53111
2025-07-30
MEDIUM
6.5
GLPI is a Free Asset and IT Management Software package. In versions 0.80 through 10.0.18, a lack of permission checks…
CVE-2025-46811
2025-07-30
CRITICAL
9.8
A Missing Authentication for Critical Function vulnerability in SUSE Manager allows anyone with access to the websocket at /rhn/websocket/minion/remote-commands to…
CVE-2025-43018
2025-07-30
N/A
0.0
Certain HP LaserJet Pro printers may be vulnerable to information disclosure when a non-authenticated user queries a device’s local address…
CVE-2025-43265
2025-07-30
MEDIUM
4.0
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 11.6, visionOS 2.6, iOS 18.6…
CVE-2025-43217
2025-07-30
MEDIUM
4.0
The issue was addressed by adding additional logic. This issue is fixed in iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6.…
CVE-2025-43206
2025-07-30
MEDIUM
4.0
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in…
CVE-2025-43197
2025-07-30
MEDIUM
4.0
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS…
CVE-2025-31276
2025-07-30
MEDIUM
5.3
This issue was addressed through improved state management. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9.…
CVE-2025-40600
2025-07-29
CRITICAL
9.8
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service…
CVE-2025-54572
2025-07-30
N/A
0.0
The Ruby SAML library is for implementing the client side of a SAML authorization. In versions 1.18.0 and below, a…
CVE-2025-54430
2025-07-30
CRITICAL
9.1
dedupe is a python library that uses machine learning to perform fuzzy matching, deduplication and entity resolution quickly on structured…
CVE-2025-54425
2025-07-30
MEDIUM
5.3
Umbraco is an ASP.NET CMS. In versions 13.0.0 through 13.9.2, 15.0.0 through 15.4.1 and 16.0.0 through 16.1.0, the content delivery…
CVE-2025-54410
2025-07-30
LOW
3.3
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime,…
CVE-2025-54388
2025-07-30
N/A
0.0
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime,…
CVE-2025-53008
2025-07-30
MEDIUM
6.5
GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL…
CVE-2025-52897
2025-07-30
MEDIUM
6.5
GLPI is a Free Asset and IT Management Software package. In versions 9.1.0 through 10.0.18, an unauthenticated user can send…
CVE-2025-52567
2025-07-30
LOW
3.5
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software…
CVE-2025-43274
2025-07-30
MEDIUM
4.4
A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6. A sandboxed…
CVE-2025-43226
2025-07-30
MEDIUM
4.0
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS…
CVE-2025-43223
2025-07-30
HIGH
7.5
A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.7, iPadOS 17.7.9, iOS…
CVE-2025-43191
2025-07-30
MEDIUM
6.2
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7,…
CVE-2025-47001
2025-07-30
MEDIUM
5.4
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused…
« Anterior
Página 50 de 3402
Siguiente »
Page load link
Go to Top
