Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-50490
2025-07-28
HIGH
7.5
Improper session invalidation in the component /elms/emp-changepassword.php of PHPGurukul Student Result Management System v2.0 allows attackers to execute a session…
CVE-2025-6250
2025-07-28
N/A
0.0
Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing…
CVE-2025-2297
2025-07-28
N/A
0.0
Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into…
CVE-2024-49343
2025-07-28
MEDIUM
5.4
IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code,…
CVE-2024-49342
2025-07-28
HIGH
7.5
IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate account lockout setting that could allow a remote attacker to…
CVE-2025-54666
2025-07-29
N/A
0.0
Rejected reason: Not used
CVE-2025-54665
2025-07-29
N/A
0.0
Rejected reason: Not used
CVE-2025-54664
2025-07-29
N/A
0.0
Rejected reason: Not used
CVE-2025-54663
2025-07-29
N/A
0.0
Rejected reason: Not used
CVE-2025-54662
2025-07-29
N/A
0.0
Rejected reason: Not used
CVE-2025-54661
2025-07-29
N/A
0.0
Rejected reason: Not used
CVE-2025-54418
2025-07-28
CRITICAL
9.8
CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that…
CVE-2025-53696
2025-07-28
N/A
0.0
iSTAR Ultra performs a firmware verification on boot, however the verification does not inspect certain portions of the firmware. These…
CVE-2025-30125
2025-07-28
N/A
0.0
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. All dashcams were shipped with the same default credentials…
CVE-2025-8279
2025-07-28
HIGH
8.7
Insufficient input validation within GitLab Language Server 7.6.0 and later before 7.30.0 allows arbitrary GraphQL query execution
CVE-2025-53695
2025-07-28
N/A
0.0
OS Command Injection in iSTAR Ultra products web application allows an authenticated attacker to gain even more privileged access ('root'…
CVE-2025-8242
2025-07-27
HIGH
8.8
A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the…
CVE-2025-32731
2025-07-28
MEDIUM
6.1
A reflected cross-site scripting (xss) vulnerability exists in the radiationDoseReport.php functionality of meddream MedDream PACS Premium 7.3.5.860. A specially crafted…
CVE-2025-30133
2025-07-28
N/A
0.0
An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can occur. It requires device registration via…
CVE-2025-30126
2025-07-28
N/A
0.0
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Via port 7777 without any need to pair or…
CVE-2025-30124
2025-07-28
N/A
0.0
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. When a new SD card is inserted into the…
CVE-2025-27724
2025-07-28
CRITICAL
9.3
A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted .php file…
CVE-2025-26469
2025-07-28
CRITICAL
9.3
An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium 7.3.3.840. A specially crafted application can…
CVE-2025-24485
2025-07-28
MEDIUM
5.8
A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream PACS Premium 7.3.5.860. A specially crafted HTTP request…
CVE-2025-8275
2025-07-28
MEDIUM
5.3
A vulnerability, which was classified as problematic, has been found in bsc Peru Cocktails App 1.0.0 on Android. Affected by…
CVE-2025-54569
2025-07-28
MEDIUM
4.5
In Malwarebytes Binisoft Windows Firewall Control before 6.16.0.0, the installer is vulnerable to local privilege escalation.
CVE-2025-4056
2025-07-28
LOW
3.7
A flaw was found in GLib. A denial of service on Windows platforms may occur if an application attempts to…
CVE-2025-8274
2025-07-28
HIGH
7.3
A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. Affected by this vulnerability is an…
CVE-2025-5997
2025-07-28
HIGH
8.8
Incorrect Use of Privileged APIs vulnerability in Beamsec PhishPro allows Privilege Abuse.This issue affects PhishPro: before 7.5.4.2.
CVE-2025-38497
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write…
CVE-2025-38496
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: dm-bufio: fix sched in atomic context If "try_verify_in_tasklet" is set…
CVE-2025-38495
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the…
CVE-2025-38494
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful…
CVE-2025-38493
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlat_dump_stack() We have observed kernel panics…
CVE-2025-38492
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix race between cache write completion and ALL_QUEUED being…
CVE-2025-38491
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: mptcp: make fallback action and fallback decision atomic Syzkaller reported…
CVE-2025-38490
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: net: libwx: remove duplicate page_pool_put_full_page() page_pool_put_full_page() should only be invoked…
CVE-2025-38489
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again Commit 7ded842b356d…
CVE-2025-38488
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in crypt_message when using async crypto…
CVE-2025-38487
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate…
CVE-2025-38486
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: soundwire: Revert "soundwire: qcom: Add set_channel_map api support" This reverts…
CVE-2025-38485
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush fxls8962af_fifo_flush()…
CVE-2025-38484
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: iio: backend: fix out-of-bound write The buffer is set to…
CVE-2025-38483
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: comedi: das16m1: Fix bit shift out of bounds When checking…
CVE-2025-38482
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: comedi: das6402: Fix bit shift out of bounds When checking…
CVE-2025-38481
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large The…
CVE-2025-38480
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized data in insn_rw_emulate_bits() For Comedi…
CVE-2025-38478
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: comedi: Fix initialization of data for instructions that write to…
CVE-2025-38477
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition…
CVE-2025-38476
2025-07-28
N/A
0.0
In the Linux kernel, the following vulnerability has been resolved: rpl: Fix use-after-free in rpl_do_srh_inline(). Running lwt_dst_cache_ref_loop.sh in selftest with…
« Anterior
Página 63 de 3410
Siguiente »
Page load link
Go to Top
