Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-9677
2025-08-29
MEDIUM
5.3
A security flaw has been discovered in Modo Legend of the Phoenix up to 1.0.5. The affected element is an unknown function of the file AndroidManifest.xml of the…
CVE-2025-9676
2025-08-29
MEDIUM
5.3
A vulnerability was identified in NCSOFT Universe App up to 1.3.0. Impacted is an unknown function of the file AndroidManifest.xml of the component com.ncsoft.universeapp. The manipulation leads to…
CVE-2025-9675
2025-08-29
MEDIUM
5.3
A vulnerability was determined in Voice Changer App up to 1.1.0. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.tuyangkeji.changevoice. Executing manipulation can…
CVE-2025-9674
2025-08-29
MEDIUM
5.3
A flaw has been found in Transbyte Scooper News App up to 1.2 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of…
CVE-2025-58067
2025-08-29
MEDIUM
4.2
Basecamp's Google Sign-In adds Google sign-in to Rails applications. Prior to version 1.3.1, it is possible to redirect a user to another origin if the "proceed_to" value in…
CVE-2025-58066
2025-08-29
MEDIUM
5.3
nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive servers which allow non-NTS traffic are…
CVE-2025-56577
2025-08-29
HIGH
8.4
An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the use of hard coded cryptographic keys.
CVE-2025-9673
2025-08-29
MEDIUM
5.3
A vulnerability was detected in Kakao 헤이카카오 Hey Kakao App up to 2.17.4 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of…
CVE-2025-9672
2025-08-29
MEDIUM
5.3
A security vulnerability has been detected in Rejseplanen App up to 8.2.2. Affected is an unknown function of the file AndroidManifest.xml of the component de.hafas.android.rejseplanen. The manipulation leads…
CVE-2025-9671
2025-08-29
MEDIUM
5.3
A weakness has been identified in UAB Paytend App up to 2.1.9 on Android. This impacts an unknown function of the file AndroidManifest.xml of the component com.passport.cash. Executing…
CVE-2024-46484
2025-08-29
CRITICAL
9.8
TRENDnet TV-IP410 vA1.0R was discovered to contain an OS command injection vulnerability via the /server/cgi-bin/testserv.cgi component.
CVE-2025-43773
2025-08-29
N/A
0.0
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0, 2025.Q1.0 through 2025.Q1.14, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.18 and 7.4 GA through…
CVE-2023-41471
2025-08-29
HIGH
7.8
Cross Site Scripting vulnerability in copyparty v.1.9.1 allows a local attacker to execute arbitrary code via a crafted payload to the WEEKEND-PLANS function.
CVE-2025-9670
2025-08-29
MEDIUM
5.3
A security flaw has been discovered in mixmark-io turndown up to 7.2.1. This affects an unknown function of the file src/commonmark-rules.js. Performing manipulation results in inefficient regular expression…
CVE-2025-9669
2025-08-29
HIGH
7.3
A vulnerability has been found in Jinher OA 1.0. This issue affects some unknown processing of the file GetTreeDate.aspx. The manipulation of the argument ID leads to sql…
CVE-2025-9667
2025-08-29
MEDIUM
6.3
A vulnerability was detected in code-projects Simple Grading System 1.0. This affects an unknown part of the file /delete_account.php of the component Admin Panel. Performing manipulation of the…
CVE-2025-9666
2025-08-29
MEDIUM
6.3
A security vulnerability has been detected in code-projects Simple Grading System 1.0. Affected by this issue is some unknown functionality of the file /delete_student.php of the component Admin…
CVE-2025-47909
2025-08-29
HIGH
7.3
Hosts listed in TrustedOrigins implicitly allow requests from the corresponding HTTP origins, allowing network MitMs to perform CSRF attacks. After the CVE-2025-24358 fix, a network attacker that places…
CVE-2025-9665
2025-08-29
MEDIUM
6.3
A weakness has been identified in code-projects Simple Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit_student.php of the component Admin Panel.…
CVE-2025-9377
2025-08-29
N/A
0.0
The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/ND(MS)…
CVE-2025-58158
2025-08-29
HIGH
8.8
Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries. Prior to version 3.3.0, Open Source Harness git…
CVE-2025-52861
2025-08-29
N/A
0.0
A path traversal vulnerability has been reported to affect VioStor. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents…
CVE-2025-52856
2025-08-29
N/A
0.0
An improper authentication vulnerability has been reported to affect VioStor. If a remote attacker, they can then exploit the vulnerability to compromise the security of the system. We…
CVE-2025-44033
2025-08-29
CRITICAL
9.8
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the allDirector() method declaration in src/main/java/cn/gson/oasys/mappers/AddressMapper.java
CVE-2025-44015
2025-08-29
N/A
0.0
A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker gains local network access, they can then exploit the vulnerability to execute arbitrary commands.…
CVE-2025-33038
2025-08-29
N/A
0.0
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the…
CVE-2025-33037
2025-08-29
N/A
0.0
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the…
CVE-2025-33036
2025-08-29
N/A
0.0
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the…
CVE-2025-33033
2025-08-29
N/A
0.0
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the…
CVE-2025-33032
2025-08-29
N/A
0.0
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability…
CVE-2025-30278
2025-08-29
N/A
0.0
An improper certificate validation vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise…
CVE-2025-30277
2025-08-29
N/A
0.0
An improper certificate validation vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise…
CVE-2025-30275
2025-08-29
N/A
0.0
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-30274
2025-08-29
N/A
0.0
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We…
CVE-2025-30273
2025-08-29
N/A
0.0
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability…
CVE-2025-30272
2025-08-29
N/A
0.0
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We…
CVE-2025-30271
2025-08-29
N/A
0.0
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability…
CVE-2025-30270
2025-08-29
N/A
0.0
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability…
CVE-2025-30268
2025-08-29
N/A
0.0
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the…
CVE-2025-30267
2025-08-29
N/A
0.0
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the…
CVE-2025-30265
2025-08-29
N/A
0.0
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability…
CVE-2025-30264
2025-08-29
N/A
0.0
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability…
CVE-2025-30263
2025-08-29
N/A
0.0
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-30262
2025-08-29
N/A
0.0
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-30261
2025-08-29
N/A
0.0
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit…
CVE-2025-30260
2025-08-29
N/A
0.0
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit…
CVE-2025-29900
2025-08-29
N/A
0.0
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then…
CVE-2025-29899
2025-08-29
N/A
0.0
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then…
CVE-2025-29898
2025-08-29
N/A
0.0
An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch…
CVE-2025-29894
2025-08-29
N/A
0.0
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized…
« Anterior
Página 876 de 4304
Siguiente »
Page load link
Go to Top
