CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2025-54478 | 2025-08-11 | HIGH | 7.2 | Mattermost Confluence Plugin version |
| CVE-2025-54463 | 2025-08-11 | MEDIUM | 5.9 | Mattermost Confluence Plugin version |
| CVE-2025-54458 | 2025-08-11 | MEDIUM | 5.0 | Mattermost Confluence Plugin version |
| CVE-2025-53910 | 2025-08-11 | MEDIUM | 4.0 | Mattermost Confluence Plugin version |
| CVE-2025-53857 | 2025-08-11 | LOW | 3.7 | Mattermost Confluence Plugin version |
| CVE-2025-53514 | 2025-08-11 | MEDIUM | 5.9 | Mattermost Confluence Plugin version |
| CVE-2025-53191 | 2025-08-11 | HIGH | 7.7 | Missing Authentication for Critical Function vulnerability in ABB Aspect. This issue affects Aspect: before |
| CVE-2025-53190 | 2025-08-11 | HIGH | 7.0 | A vulnerability in ABB Aspect. This issue affects Aspect: before |
| CVE-2025-53189 | 2025-08-11 | HIGH | 7.0 | Authorization Bypass Through User-Controlled Key vulnerability in ABB Aspect. This issue affects Aspect: from o before |
| CVE-2025-53188 | 2025-08-11 | HIGH | 7.0 | Insufficiently Protected Credentials vulnerability in ABB Aspect. This issue affects Aspect: before |
| CVE-2025-52931 | 2025-08-11 | HIGH | 7.5 | Mattermost Confluence Plugin version |
| CVE-2025-51824 | 2025-08-11 | MEDIUM | 6.5 | libcsp 2.0 is vulnerable to Buffer Overflow in the csp_usart_open() function at drivers/usart/zephyr.c. |
| CVE-2025-51823 | 2025-08-11 | MEDIUM | 6.5 | libcsp 2.0 is vulnerable to Buffer Overflow in the csp_eth_init() function due to improper handling of the ifname parameter. The function uses strcpy to copy the interface name… |
| CVE-2025-49221 | 2025-08-11 | LOW | 3.7 | Mattermost Confluence Plugin version |
| CVE-2025-48731 | 2025-08-11 | MEDIUM | 6.4 | Mattermost Confluence Plugin version |
| CVE-2025-44004 | 2025-08-11 | HIGH | 7.2 | Mattermost Confluence Plugin version |
| CVE-2025-44001 | 2025-08-11 | MEDIUM | 4.0 | Mattermost Confluence Plugin version |
| CVE-2025-25229 | 2025-08-11 | MEDIUM | 5.4 | Omnissa Workspace ONE UEM contains a Server-Side Request Forgery (SSRF) Vulnerability. A malicious actor with user privileges may be able to access restricted internal system information, potentially enabling enumeration… |
| CVE-2025-8833 | 2025-08-11 | HIGH | 8.8 | A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function langSwitchBack of the file /goform/langSwitchBack. The manipulation… |
| CVE-2025-8854 | 2025-08-11 | N/A | 0.0 | Stack-based buffer overflow in LoadOFF in bulletphysics bullet3 before 3.26 on all platforms allows remote attackers to execute arbitrary code via a crafted OFF file with an overlong… |
| CVE-2025-8832 | 2025-08-11 | HIGH | 8.8 | A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function setDMZ of the file /goform/setDMZ. The manipulation… |
| CVE-2025-8831 | 2025-08-11 | HIGH | 8.8 | A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function remoteManagement of the file /goform/remoteManagement. The manipulation of… |
| CVE-2025-8830 | 2025-08-11 | MEDIUM | 6.3 | A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function sub_3517C of the file… |
| CVE-2025-8846 | 2025-08-11 | MEDIUM | 5.3 | A vulnerability has been found in NASM Netwide Assembler 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack… |
| CVE-2025-8837 | 2025-08-11 | MEDIUM | 5.3 | A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to… |
| CVE-2025-8661 | 2025-08-11 | N/A | 0.0 | A stored Cross-Site Scripting vulnerability (XSS) occurs when the server does not properly validate or encode the data entered by the user. |
| CVE-2025-25231 | 2025-08-11 | HIGH | 7.5 | Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to gain access to sensitive information by sending crafted GET requests (read-only)… |
| CVE-2025-54063 | 2025-08-11 | HIGH | 8.0 | Cherry Studio is a desktop client that supports multiple LLM providers. From versions 1.4.8 to 1.5.0, there is a one-click remote code execution vulnerability through the custom… |
| CVE-2025-53187 | 2025-08-11 | HIGH | 7.0 | Improper Control of Generation of Code ('Code Injection') vulnerability in ABB ASPECT. This issue affects ASPECT: before |
| CVE-2025-8866 | 2025-08-11 | N/A | 0.0 | YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including… |
| CVE-2025-45146 | 2025-08-11 | CRITICAL | 9.8 | ModelCache for LLM through v0.2.0 was discovered to contain a deserialization vulnerability via the component /manager/data_manager.py. This vulnerability allows attackers to execute arbitrary code via supplying crafted data. |
| CVE-2025-38499 | 2025-08-11 | N/A | 0.0 | In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there… |
| CVE-2025-8865 | 2025-08-11 | N/A | 0.0 | The YugabyteDB tablet server contains a flaw in its YCQL query handling that can trigger a null pointer dereference when processing certain malformed inputs. An authenticated attacker could… |
| CVE-2025-8859 | 2025-08-11 | MEDIUM | 6.3 | A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The… |
| CVE-2012-10040 | 2025-08-11 | N/A | 0.0 | Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in network.inc calls exec() with… |
| CVE-2012-10039 | 2025-08-11 | N/A | 0.0 | ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2-2.cgi. The filelog parameter is passed directly into a backtick-delimited exec() call without sanitation. An… |
| CVE-2012-10038 | 2025-08-11 | N/A | 0.0 | Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in upload_banners.php. The banner upload feature fails to validate file types or enforce authentication, allowing remote attackers to upload… |
| CVE-2012-10037 | 2025-08-11 | N/A | 0.0 | PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez GET parameter is unsafely passed to the exec() function without sanitization. A remote attacker can… |
| CVE-2025-8864 | 2025-08-11 | N/A | 0.0 | Shared Access Signature token is not masked in the backup configuration response and is also exposed in the yb_backup logs |
| CVE-2025-8852 | 2025-08-11 | MEDIUM | 4.3 | A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part of the file /adminFile/upload of the component API Response Handler. The manipulation leads to information… |
| CVE-2025-8851 | 2025-08-11 | MEDIUM | 5.3 | A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads… |
| CVE-2025-8863 | 2025-08-11 | N/A | 0.0 | YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission |
| CVE-2025-8862 | 2025-08-11 | N/A | 0.0 | YugabyteDB has been collecting diagnostics information from YugabyteDB servers, which may include sensitive gflag configurations. To mitigate this, we recommend upgrading the database to a version where this… |
| CVE-2025-8847 | 2025-08-11 | LOW | 3.5 | A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is the function Edit of the file /system/notice/edit. The manipulation of the argument noticeTitle/noticeContent… |
| CVE-2025-8845 | 2025-08-11 | MEDIUM | 5.3 | A vulnerability was identified in NASM Netwide Assembler 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is… |
| CVE-2025-8672 | 2025-08-11 | N/A | 0.0 | MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle. An attacker… |
| CVE-2025-8844 | 2025-08-11 | LOW | 3.3 | A vulnerability was determined in NASM Netwide Assembler 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally… |
| CVE-2025-8843 | 2025-08-11 | MEDIUM | 5.3 | A vulnerability was found in NASM Netwide Assembler 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is… |
| CVE-2025-8842 | 2025-08-11 | MEDIUM | 5.3 | A vulnerability has been found in NASM Netwide Assembler 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after… |
| CVE-2025-8841 | 2025-08-11 | MEDIUM | 6.3 | A vulnerability was identified in zlt2000 microservices-platform up to 6.0.0. Affected by this vulnerability is the function Upload of the file zlt-business/file-center/src/main/java/com/central/file/controller/FileController.java. The manipulation leads to unrestricted upload.… |