Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2026-46951
2026-06-17
HIGH
8.8
Vulnerability in the Oracle Quality product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with…
CVE-2026-46950
2026-06-17
HIGH
8.8
Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged…
CVE-2026-46949
2026-06-17
CRITICAL
9.1
Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker…
CVE-2026-46947
2026-06-17
HIGH
8.8
Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged…
CVE-2026-46945
2026-06-17
CRITICAL
9.1
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with…
CVE-2026-46789
2026-06-17
CRITICAL
9.6
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker…
CVE-2026-12529
2026-06-17
HIGH
7.3
A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. Affected is an unknown function of the file /index.php of the…
CVE-2026-11407
2026-06-17
HIGH
7.2
Pimcore CMS/DXP version 12.3.8 contains a sandbox bypass vulnerability that allows authenticated administrative attackers to execute arbitrary methods on PHP objects by exploiting empty checkMethodAllowed() and checkPropertyAllowed() implementations…
CVE-2026-10741
2026-06-17
N/A
0.0
Sonatype Nexus Repository Manager before 3.93.0 contains an authorization vulnerability in the proxy repository configuration that allows a delegated repository administrator to disclose stored upstream proxy credentials.
CVE-2026-10696
2026-06-17
HIGH
7.5
Use of an incorrectly resolved name or reference in the pinget backend in Devolutions UniGetUI 2026.2.0 and earlier allows a WinGet community catalog contributor to cause an installed…
CVE-2026-35305
2026-06-17
CRITICAL
9.3
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). The supported version that is affected is 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated…
CVE-2026-35306
2026-06-17
CRITICAL
9.3
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). The supported version that is affected is 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated…
CVE-2026-35307
2026-06-17
CRITICAL
10.0
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated…
CVE-2026-35308
2026-06-17
CRITICAL
10.0
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable…
CVE-2026-35309
2026-06-17
CRITICAL
9.8
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable…
CVE-2026-35310
2026-06-17
CRITICAL
9.8
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated…
CVE-2026-35314
2026-06-17
HIGH
7.3
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Web Server Plugin). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows…
CVE-2026-35315
2026-06-17
HIGH
8.8
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low…
CVE-2026-35316
2026-06-17
CRITICAL
9.9
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low…
CVE-2026-35317
2026-06-17
HIGH
8.8
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low…
CVE-2026-46777
2026-06-17
CRITICAL
9.1
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated…
CVE-2026-46785
2026-06-17
CRITICAL
9.3
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker…
CVE-2026-46786
2026-06-17
CRITICAL
9.6
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker…
CVE-2026-46787
2026-06-17
HIGH
8.0
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that is affected is 14.1.2.0.0. Difficult to exploit vulnerability allows unauthenticated…
CVE-2026-46796
2026-06-17
HIGH
8.0
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low…
CVE-2026-46797
2026-06-17
CRITICAL
9.8
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated…
CVE-2026-46798
2026-06-17
CRITICAL
10.0
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated…
CVE-2026-46799
2026-06-17
CRITICAL
9.8
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated…
CVE-2026-46800
2026-06-17
CRITICAL
10.0
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated…
CVE-2026-46801
2026-06-17
CRITICAL
9.8
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated…
CVE-2026-35318
2026-06-17
HIGH
8.8
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low…
CVE-2026-53805
2026-06-17
CRITICAL
9.8
NVIDIA Spatial Intelligence Lab's (SIL) GEN3C contains an unauthenticated remote code execution vulnerability in the inference API server where the /request-inference and /seed-model endpoints deserialize raw HTTP request…
CVE-2026-48591
2026-06-17
N/A
0.0
Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark allows stored cross-site scripting via unescaped HTML attribute values. 'Elixir.Earmark.Transform':_make_att1/2 in lib/earmark/transform.ex splices attribute…
CVE-2026-48779
2026-06-17
HIGH
7.5
ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to (but not including) 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0…
CVE-2026-47774
2026-06-17
HIGH
7.5
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request…
CVE-2026-46973
2026-06-17
HIGH
8.8
Vulnerability in the Oracle Outsourced Mfg for Discrete Industries product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows…
CVE-2026-46967
2026-06-17
HIGH
8.8
Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business Suite (component: Authorization). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged…
CVE-2026-46964
2026-06-17
CRITICAL
9.9
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability…
CVE-2026-46963
2026-06-17
CRITICAL
9.9
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability…
CVE-2026-46962
2026-06-17
HIGH
8.8
Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged…
CVE-2026-44587
2026-06-17
MEDIUM
4.7
CarrierWave is a framework to upload files from Ruby applications. In versions prior to 2.2.7 and 3.1.3, the content_type_denylist check fails to escape regex metacharacters in string entries,…
CVE-2026-46961
2026-06-17
HIGH
8.8
Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged…
CVE-2026-46960
2026-06-17
HIGH
7.2
Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged…
CVE-2026-39199
2026-06-17
LOW
2.9
snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file.
CVE-2026-35067
2026-06-17
MEDIUM
5.7
Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of…
CVE-2026-12528
2026-06-17
MEDIUM
5.4
A flaw was found in 389 Directory Server in the __aclp__normalize_acltxt() function of aclparse.c. A malformed ACI (Access Control Instruction) string can trigger heap-buffer-overflow writes and reads during…
CVE-2025-66391
2026-06-17
HIGH
8.8
In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, e.g., the system will send a one-time password…
CVE-2026-50203
2026-06-17
CRITICAL
9.1
A path traversal in the SFTP provider (`SFTPHook.retrieve_directory` / `SFTPOperator(operation=get)`) let a malicious or compromised remote SFTP server write files outside the configured local destination directory via crafted…
CVE-2026-35269
2026-06-17
HIGH
7.5
Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker…
CVE-2026-35293
2026-06-17
CRITICAL
9.8
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). The supported version that is affected is 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker…
« Anterior
Página 83 de 4532
Siguiente »
Page load link
Go to Top