CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2026-46932 | 2026-06-17 | HIGH | 7.1 | Vulnerability in the Oracle Enterprise Asset Management product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged… |
| CVE-2026-45436 | 2026-06-17 | MEDIUM | 6.5 | Subscriber Broken Access Control in WPBakery Page Builder |
| CVE-2026-42629 | 2026-06-17 | HIGH | 8.8 | Unauthenticated Broken Authentication in PowerPack Pro for Elementor < v2.13.0 versions. |
| CVE-2026-42357 | 2026-06-17 | MEDIUM | 6.5 | Incorrect Authorization vulnerability allows users to access workflow instance information belonging to projects they do not have permission to access. This issue affects Apache DolphinScheduler versions prior to… |
| CVE-2026-40757 | 2026-06-17 | HIGH | 8.1 | Unauthenticated PHP Object Injection in Château |
| CVE-2026-40752 | 2026-06-17 | HIGH | 8.1 | Unauthenticated PHP Object Injection in Manufaktur Solutions |
| CVE-2026-41557 | 2026-06-17 | HIGH | 7.1 | Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions. |
| CVE-2026-40768 | 2026-06-17 | HIGH | 7.3 | Unauthenticated Insecure Direct Object References (IDOR) in Salon booking system |
| CVE-2026-40765 | 2026-06-17 | HIGH | 7.1 | Unauthenticated Cross Site Scripting (XSS) in collectchat |
| CVE-2026-40641 | 2026-06-17 | MEDIUM | 4.8 | Dell PowerFlex Manager, version(s) 4.6.0.1, contain(s) an Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading… |
| CVE-2026-40738 | 2026-06-17 | HIGH | 8.1 | Unauthenticated PHP Object Injection in Eldon |
| CVE-2026-40748 | 2026-06-17 | CRITICAL | 9.9 | Subscriber Arbitrary File Upload in Kids Gift Shop |
| CVE-2026-40746 | 2026-06-17 | CRITICAL | 9.9 | Subscriber Arbitrary File Upload in Restaurant Zone |
| CVE-2026-40735 | 2026-06-17 | HIGH | 8.1 | Unauthenticated PHP Object Injection in Reina |
| CVE-2026-40725 | 2026-06-17 | CRITICAL | 9.8 | Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions. |
| CVE-2026-40723 | 2026-06-17 | MEDIUM | 4.3 | Subscriber Broken Access Control in Bricks Builder |
| CVE-2026-40721 | 2026-06-17 | HIGH | 7.5 | Contributor Local File Inclusion in Element Pack Pro |
| CVE-2026-39590 | 2026-06-17 | HIGH | 8.1 | Unauthenticated Local File Inclusion in Atomlab |
| CVE-2026-39560 | 2026-06-17 | HIGH | 8.1 | Unauthenticated PHP Object Injection in Hiroshi |
| CVE-2026-39595 | 2026-06-17 | MEDIUM | 4.7 | Author Broken Access Control in W3 Total Cache |
| CVE-2026-39582 | 2026-06-17 | HIGH | 8.1 | Unauthenticated Local File Inclusion in Hitek < 1.8.3 versions. |
| CVE-2026-39573 | 2026-06-17 | HIGH | 8.1 | Unauthenticated PHP Object Injection in Mildhill |
| CVE-2026-39545 | 2026-06-17 | HIGH | 8.1 | Unauthenticated PHP Object Injection in Zermatt |
| CVE-2026-39445 | 2026-06-17 | HIGH | 8.1 | Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions. |
| CVE-2026-35327 | 2026-06-17 | HIGH | 7.6 | Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low… |
| CVE-2026-35326 | 2026-06-17 | HIGH | 7.2 | Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows high… |
| CVE-2026-35325 | 2026-06-17 | HIGH | 8.8 | Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low… |
| CVE-2026-35324 | 2026-06-17 | HIGH | 8.8 | Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low… |
| CVE-2026-35323 | 2026-06-17 | CRITICAL | 9.9 | Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low… |
| CVE-2026-35322 | 2026-06-17 | HIGH | 8.8 | Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low… |
| CVE-2026-35321 | 2026-06-17 | CRITICAL | 9.9 | Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low… |
| CVE-2026-35320 | 2026-06-17 | CRITICAL | 9.0 | Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Difficult to exploit vulnerability allows… |
| CVE-2026-35319 | 2026-06-17 | CRITICAL | 9.8 | Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated… |
| CVE-2026-35312 | 2026-06-17 | CRITICAL | 9.8 | Vulnerability in the Oracle Virtual Directory product of Oracle Fusion Middleware (component: Virtual Directory Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows… |
| CVE-2026-35311 | 2026-06-17 | HIGH | 8.8 | Vulnerability in the WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker… |
| CVE-2026-35162 | 2026-06-17 | MEDIUM | 4.3 | Dell PowerFlex Manager, version(s) [Versions], contain(s) an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service. |
| CVE-2026-35065 | 2026-06-17 | HIGH | 8.8 | Dell PowerFlex Manager, version(s) [Versions], contain(s) a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code… |
| CVE-2026-34888 | 2026-06-17 | HIGH | 7.5 | Unauthenticated Sensitive Data Exposure in Bricksforge |
| CVE-2026-32967 | 2026-06-17 | CRITICAL | 9.1 | Incorrect Authorization vulnerability of `/v2` experimental interface in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the… |
| CVE-2026-32966 | 2026-06-17 | CRITICAL | 9.8 | DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to… |
| CVE-2026-27410 | 2026-06-17 | MEDIUM | 6.5 | Unauthenticated Deserialization of untrusted data in Slimstat Analytics < 5.4.0 versions. |
| CVE-2026-25446 | 2026-06-17 | CRITICAL | 9.9 | Subscriber Arbitrary File Upload in WishList Member X |
| CVE-2026-24611 | 2026-06-17 | CRITICAL | 9.1 | Unauthenticated Broken Access Control in MetForm Pro |
| CVE-2026-24610 | 2026-06-17 | MEDIUM | 4.3 | Subscriber Broken Access Control in MetForm Pro |
| CVE-2026-22342 | 2026-06-17 | HIGH | 8.8 | Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme |
| CVE-2026-22339 | 2026-06-17 | HIGH | 7.1 | Unauthenticated Cross Site Scripting (XSS) in WPJobster |
| CVE-2026-22338 | 2026-06-17 | HIGH | 8.1 | Unauthenticated Local File Inclusion in EcoBlue |
| CVE-2026-22332 | 2026-06-17 | CRITICAL | 9.3 | Unauthenticated SQL Injection in Tutor LMS Pro |
| CVE-2026-22330 | 2026-06-17 | HIGH | 8.1 | Unauthenticated Local File Inclusion in Right Way |
| CVE-2026-22283 | 2026-06-17 | HIGH | 7.5 | Dell PowerFlex Manager, version(s) Version prior to 4.8, contain(s) an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this… |