Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Vulnerabilidades CVE
Todos el contenido
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Todo el contenido
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Noticias
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-21027
2025-09-03
MEDIUM
5.1
Improper verification of intent by broadcast receiver in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to temporarily disable the SIM.
CVE-2025-21026
2025-09-03
MEDIUM
4.0
Improper handling of insufficient permission in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to interrupt the call.
CVE-2025-21025
2025-09-03
MEDIUM
5.1
Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management.
CVE-2023-21483
2025-09-03
MEDIUM
6.4
Improper Access Control vulnerability in Galaxy Store prior to version 4.5.53.6 allows local attacker to access protected data using exported service.
CVE-2023-21482
2025-09-03
MEDIUM
6.1
Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through…
CVE-2023-21481
2025-09-03
MEDIUM
5.4
Improper URL input validation vulnerability in Samsung Account application prior to version 14.1.0.0 allows remote attackers to get sensitive information.
CVE-2023-21480
2025-09-03
HIGH
8.5
Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities.
CVE-2023-21479
2025-09-03
MEDIUM
5.3
Improper authorization in Smart suggestions prior to SMR Apr-2023 Release 1 in Android 13 and 4.1.01.0 in Android 12 allows remote attackers to register a schedule.
CVE-2023-21478
2025-09-03
MEDIUM
6.0
Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.
CVE-2023-21477
2025-09-03
HIGH
7.9
Access of Memory Location After End of Buffer vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.
CVE-2023-21474
2025-09-03
MEDIUM
6.3
Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege.
CVE-2023-21470
2025-09-03
MEDIUM
4.0
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.NETWORK_LOCATION action.
CVE-2023-21469
2025-09-03
MEDIUM
4.0
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action.
CVE-2023-21468
2025-09-03
MEDIUM
5.9
Improper access control vulnerability in Telephony prior to SMR Apr-2023 Release 1 allows attackers to access files with escalated permission.
CVE-2025-58351
2025-09-03
MEDIUM
6.8
Outline is a service that allows for collaborative documentation. In versions 0.72.0 through 0.83.0, Outline introduced a feature which facilitates local file system storage capabilities as an optional…
CVE-2025-58170
2025-09-03
N/A
0.0
Rejected reason: This CVE is a duplicate of another CVE.
CVE-2025-58169
2025-09-03
N/A
0.0
Rejected reason: This CVE is a duplicate of another CVE.
CVE-2025-58168
2025-09-03
N/A
0.0
Rejected reason: This CVE is a duplicate of another CVE.
CVE-2025-58167
2025-09-03
N/A
0.0
Rejected reason: This CVE is a duplicate of another CVE.
CVE-2025-58166
2025-09-03
N/A
0.0
Rejected reason: This CVE is a duplicate of another CVE.
CVE-2025-58165
2025-09-03
N/A
0.0
Rejected reason: This CVE is a duplicate of another CVE, CVE-2025-58163.
CVE-2025-58164
2025-09-03
N/A
0.0
Rejected reason: This CVE is a duplicate of another CVE, CVE-2025-58163.
CVE-2025-58163
2025-09-03
N/A
0.0
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Versions 1.8.185 and earlier contain a deserialization of untrusted data vulnerability that allows authenticated…
CVE-2025-9848
2025-09-03
HIGH
7.3
A security vulnerability has been detected in ScriptAndTools Real Estate Management System 1.0. The affected element is an unknown function of the file /admin/userlist.php. Such manipulation leads to…
CVE-2025-9847
2025-09-03
MEDIUM
6.3
A weakness has been identified in ScriptAndTools Real Estate Management System 1.0. Impacted is an unknown function of the file register.php. This manipulation of the argument uimage causes…
CVE-2025-7039
2025-09-03
LOW
3.7
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or…
CVE-2025-9843
2025-09-03
MEDIUM
5.3
A flaw has been found in Das Parking Management System 停车场管理系统 6.2.0. Affected is an unknown function of the file /Operator/FindAll. This manipulation causes information disclosure. It is…
CVE-2025-57806
2025-09-03
N/A
0.0
Local Deep Research is an AI-powered research assistant for deep, iterative research. Versions 0.2.0 through 0.6.7 stored confidential information, including API keys, in a local SQLite database without…
CVE-2025-9842
2025-09-03
MEDIUM
5.3
A vulnerability was detected in Das Parking Management System 停车场管理系统 6.2.0. This impacts an unknown function of the file /Operator/Search. The manipulation results in information disclosure. The attack…
CVE-2025-9841
2025-09-03
MEDIUM
6.3
A security vulnerability has been detected in code-projects Mobile Shop Management System 1.0. This affects an unknown function of the file AddNewProduct.php. The manipulation of the argument ProductImage…
CVE-2025-9260
2025-09-03
MEDIUM
6.5
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to PHP Object Injection in versions 5.1.16 to 6.1.1 via…
CVE-2025-54588
2025-09-03
HIGH
7.5
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free (UAF) vulnerability…
CVE-2025-9840
2025-09-02
MEDIUM
6.3
A weakness has been identified in itsourcecode Sports Management System 1.0. The impacted element is an unknown function of the file /Admin/gametype.php. Executing manipulation of the argument code…
CVE-2025-9839
2025-09-02
HIGH
7.3
A security flaw has been discovered in itsourcecode Student Information Management System 1.0. The affected element is an unknown function of the file /admin/modules/course/index.php. Performing manipulation of the…
CVE-2025-9838
2025-09-02
HIGH
7.3
A vulnerability was identified in itsourcecode Student Information Management System 1.0. Impacted is an unknown function of the file /admin/modules/subject/index.php. Such manipulation of the argument ID leads to…
CVE-2025-9837
2025-09-02
HIGH
7.3
A vulnerability was determined in itsourcecode Student Information Management System 1.0. This issue affects some unknown processing of the file /admin/modules/student/index.php. This manipulation of the argument studentId causes…
CVE-2025-9836
2025-09-02
MEDIUM
4.3
A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderId results in…
CVE-2025-9832
2025-09-02
HIGH
7.3
A security vulnerability has been detected in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the file /routers/register-router.php. Such manipulation of the argument phone…
CVE-2025-9831
2025-09-02
HIGH
7.3
A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. This impacts an unknown function of the file /admin/edit-services.php. This manipulation of the argument sername causes…
CVE-2025-9330
2025-09-02
HIGH
7.8
Foxit PDF Reader Update Service Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader.…
CVE-2025-9329
2025-09-02
HIGH
7.8
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader.…
CVE-2025-9328
2025-09-02
HIGH
7.8
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader.…
CVE-2025-9327
2025-09-02
LOW
3.3
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User…
CVE-2025-9326
2025-09-02
HIGH
7.8
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader.…
CVE-2025-9325
2025-09-02
LOW
3.3
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User…
CVE-2025-9324
2025-09-02
LOW
3.3
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User…
CVE-2025-9323
2025-09-02
LOW
3.3
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User…
CVE-2025-9276
2025-09-02
CRITICAL
9.8
Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability. This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach…
CVE-2025-9275
2025-09-02
HIGH
7.8
Oxford Instruments Imaris Viewer IMS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oxford Instruments…
CVE-2025-9274
2025-09-02
HIGH
7.8
Oxford Instruments Imaris Viewer IMS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oxford Instruments…
« Anterior
Página 504 de 3939
Siguiente »
Page load link
Go to Top
