Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-20311 2025-09-24 HIGH 7.4 A vulnerability in the handling of certain Ethernet frames in Cisco IOS XE Software for Catalyst 9000 Series Switches could allow an unauthenticated, adjacent attacker to cause an…
CVE-2025-20293 2025-09-24 MEDIUM 5.3 A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud (9800-CL) could allow an unauthenticated, remote attacker…
CVE-2025-20240 2025-09-24 MEDIUM 6.1 A vulnerability in the web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting attack (XSS) on an affected…
CVE-2025-20160 2025-09-24 HIGH 8.1 A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data…
CVE-2025-20149 2025-09-24 MEDIUM 6.5 A vulnerability in the CLI of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload unexpectedly,…
CVE-2025-10890 2025-09-24 CRITICAL 9.1 Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2025-20339 2025-09-24 MEDIUM 5.8 A vulnerability in the access control list (ACL) processing of IPv4 packets of Cisco SD-WAN vEdge Software could allow an unauthenticated, remote attacker to bypass a configured ACL.…
CVE-2025-20334 2025-09-24 HIGH 8.8 A vulnerability in the HTTP API subsystem of Cisco IOS XE Software could allow a remote attacker to inject commands that will execute with root privileges into the…
CVE-2025-10909 2025-09-24 LOW 2.4 A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File…
CVE-2025-10892 2025-09-24 HIGH 8.8 Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-10891 2025-09-24 HIGH 8.8 Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-10502 2025-09-24 HIGH 8.8 Heap buffer overflow in ANGLE in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)
CVE-2025-10501 2025-09-24 HIGH 8.8 Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:…
CVE-2025-10500 2025-09-24 HIGH 8.8 Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:…
CVE-2025-47329 2025-09-24 HIGH 7.8 Memory corruption while handling invalid inputs in application info setup.
CVE-2025-47328 2025-09-24 HIGH 7.5 Transient DOS while processing power control requests with invalid antenna or stream values.
CVE-2025-47327 2025-09-24 HIGH 7.8 Memory corruption while encoding the image data.
CVE-2025-47326 2025-09-24 HIGH 7.5 Transient DOS while handling command data during power control processing.
CVE-2025-47318 2025-09-24 HIGH 7.5 Transient DOS while parsing the EPTM test control message to get the test pattern.
CVE-2025-47317 2025-09-24 HIGH 7.8 Memory corruption due to global buffer overflow when a test command uses an invalid payload type.
CVE-2025-47316 2025-09-24 HIGH 7.8 Memory corruption due to double free when multiple threads race to set the timestamp store.
CVE-2025-47315 2025-09-24 HIGH 7.8 Memory corruption while handling repeated memory unmap requests from guest VM.
CVE-2025-47314 2025-09-24 HIGH 7.8 Memory corruption while processing data sent by FE driver.
CVE-2025-27077 2025-09-24 HIGH 7.8 Memory corruption while processing message in guest VM.
CVE-2025-27037 2025-09-24 HIGH 7.8 Memory corruption while processing config_dev IOCTL when camera kernel driver drops its reference to CPU buffers.
CVE-2025-27036 2025-09-24 MEDIUM 6.1 Information disclosure when Video engine escape input data is less than expected minimum size.
CVE-2025-27034 2025-09-24 CRITICAL 9.8 Memory corruption while selecting the PLMN from SOR failed list.
CVE-2025-27033 2025-09-24 MEDIUM 6.1 Information disclosure while running video usecase having rogue firmware.
CVE-2025-27032 2025-09-24 HIGH 7.8 memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency.
CVE-2025-27030 2025-09-24 MEDIUM 6.1 information disclosure while invoking calibration data from user space to update firmware size.
CVE-2025-21488 2025-09-24 HIGH 8.2 Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set.
CVE-2025-21487 2025-09-24 HIGH 8.2 Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length.
CVE-2025-21484 2025-09-24 HIGH 8.2 Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet.
CVE-2025-21483 2025-09-24 CRITICAL 9.8 Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.
CVE-2025-21482 2025-09-24 HIGH 7.1 Cryptographic issue while performing RSA PKCS padding decoding.
CVE-2025-21481 2025-09-24 HIGH 7.8 Memory corruption while performing private key encryption in trusted application.
CVE-2025-21476 2025-09-24 HIGH 7.8 Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake.
CVE-2025-10360 2025-09-24 N/A 0.0 In Puppet Enterprise versions 2025.4.0 and 2025.5, the encryption key used for encrypting content in the Infra Assistant database was not excluded from the files gathered by Puppet…
CVE-2025-8869 2025-09-24 N/A 0.0 When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgrading pip…
CVE-2025-48868 2025-09-24 HIGH 7.2 Horilla is a free and open source Human Resource Management System (HRMS). An authenticated Remote Code Execution (RCE) vulnerability exists in Horilla 1.3.0 due to the unsafe use…
CVE-2025-23354 2025-09-24 HIGH 7.8 NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensemble_classifer script where malicious data created by an attacker may cause an injection. A successful exploit of this…
CVE-2025-23353 2025-09-24 HIGH 7.8 NVIDIA Megatron-LM for all platforms contains a vulnerability in the msdp preprocessing script where malicious data created by an attacker may cause an injection. A successful exploit of…
CVE-2025-23349 2025-09-24 HIGH 7.8 NVIDIA Megatron-LM for all platforms contains a vulnerability in the tasks/orqa/unsupervised/nq.py component, where an attacker may cause a code injection. A successful exploit of this vulnerability may lead…
CVE-2025-23348 2025-09-24 HIGH 7.8 NVIDIA Megatron-LM for all platforms contains a vulnerability in the pretrain_gpt script, where malicious data created by an attacker may cause a code injection issue. A successful exploit…
CVE-2025-23346 2025-09-24 LOW 3.3 NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a…
CVE-2025-23340 2025-09-24 LOW 3.3 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to…
CVE-2025-23339 2025-09-24 LOW 3.3 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may cause a stack-based buffer overflow by getting the user to run cuobjdump on…
CVE-2025-23338 2025-09-24 LOW 3.3 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A…
CVE-2025-23308 2025-09-24 LOW 3.3 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cause a heap-based buffer overflow by getting the user to run nvdisasm on…
CVE-2025-23275 2025-09-24 MEDIUM 4.2 NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A…
« Anterior Página 797 de 4304 Siguiente »