CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
|---|---|---|---|---|
| CVE-2025-7798 | 2025-07-18 | MEDIUM | 6.3 | A vulnerability classified as critical has been found in Beijing Shenzhou Shihan Technology Multimedia Integrated Business Display System up to… |
| CVE-2025-52169 | 2025-07-18 | HIGH | 7.1 | agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability. |
| CVE-2025-52163 | 2025-07-18 | MEDIUM | 6.5 | A Server-Side Request Forgery (SSRF) in the component TunnelServlet of agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 allows… |
| CVE-2025-52168 | 2025-07-18 | MEDIUM | 6.5 | Incorrect access control in the dynawebservice component of agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 allows unauthenticated attackers… |
| CVE-2025-52166 | 2025-07-18 | MEDIUM | 6.5 | Incorrect access control in Software GmbH Agorum core open v11.9.2 & v11.10.1 allows authenticated attackers to escalate privileges to Administrator… |
| CVE-2025-52164 | 2025-07-18 | HIGH | 8.2 | Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to store credentials in plaintext. |
| CVE-2025-52162 | 2025-07-18 | MEDIUM | 6.5 | agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML External Entity (XXE) via the… |
| CVE-2025-50585 | 2025-07-18 | N/A | 0.0 | StudentManage v1.0 was discovered to contain a SQL injection vulnerability via the component /admin/adminStudentUrl. |
| CVE-2025-50586 | 2025-07-18 | MEDIUM | 6.5 | StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF). |
| CVE-2025-45157 | 2025-07-18 | MEDIUM | 6.5 | Insecure permissions in Splashin iOS v2.0 allow unauthorized attackers to access location data for specific users. |
| CVE-2025-45156 | 2025-07-18 | MEDIUM | 5.3 | Splashin iOS v2.0 fails to enforce server-side interval restrictions for location updates for free-tier users. |
| CVE-2025-46000 | 2025-07-18 | MEDIUM | 6.5 | An arbitrary file upload vulnerability in the component /rsc/filemanager.rsc.class.php of Filemanager commit c75b914 v.2.5.0 allows attackers to execute arbitrary code… |
| CVE-2025-46002 | 2025-07-18 | MEDIUM | 6.5 | An issue in Filemanager v2.5.0 and below allows attackers to execute a directory traversal via sending a crafted HTTP request… |
| CVE-2025-33014 | 2025-07-18 | MEDIUM | 5.4 | IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with… |
| CVE-2025-7754 | 2025-07-17 | MEDIUM | 6.3 | A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. This vulnerability affects… |
| CVE-2025-7753 | 2025-07-17 | HIGH | 7.3 | A vulnerability was found in code-projects Online Appointment Booking System 1.0. It has been classified as critical. This affects an… |
| CVE-2025-7752 | 2025-07-17 | HIGH | 7.3 | A vulnerability was found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this issue is… |
| CVE-2025-7751 | 2025-07-17 | HIGH | 7.3 | A vulnerability has been found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this vulnerability… |
| CVE-2025-7750 | 2025-07-17 | HIGH | 7.3 | A vulnerability, which was classified as critical, was found in code-projects Online Appointment Booking System 1.0. Affected is an unknown… |
| CVE-2025-7797 | 2025-07-18 | MEDIUM | 5.3 | A vulnerability was found in GPAC up to 2.4. It has been rated as problematic. Affected by this issue is… |
| CVE-2025-7796 | 2025-07-18 | HIGH | 8.8 | A vulnerability, which was classified as critical, was found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserAdd of the… |
| CVE-2025-7795 | 2025-07-18 | HIGH | 8.8 | A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the… |
| CVE-2025-53901 | 2025-07-18 | LOW | 3.5 | Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.4, 33.0.2, and 34.0.2, a bug in Wasmtime's implementation of the… |
| CVE-2025-7794 | 2025-07-18 | HIGH | 8.8 | A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatStaticSetting of… |
| CVE-2025-7793 | 2025-07-18 | HIGH | 8.8 | A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function formWebTypeLibrary of the file… |
| CVE-2025-7792 | 2025-07-18 | HIGH | 8.8 | A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function formSafeEmailFilter… |
| CVE-2025-7783 | 2025-07-18 | N/A | 0.0 | Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files… |
| CVE-2025-53762 | 2025-07-18 | HIGH | 8.7 | Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network. |
| CVE-2025-49747 | 2025-07-18 | CRITICAL | 9.9 | Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. |
| CVE-2025-49746 | 2025-07-18 | CRITICAL | 9.9 | Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. |
| CVE-2025-47995 | 2025-07-18 | MEDIUM | 6.5 | Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network. |
| CVE-2025-47158 | 2025-07-18 | CRITICAL | 9.0 | Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network. |
| CVE-2025-7791 | 2025-07-18 | LOW | 3.5 | A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0. It has been declared as problematic. This vulnerability… |
| CVE-2025-7790 | 2025-07-18 | HIGH | 8.8 | A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been classified as critical. This affects an unknown part of… |
| CVE-2025-7789 | 2025-07-18 | LOW | 3.7 | A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected by this issue is the… |
| CVE-2025-54079 | 2025-07-18 | N/A | 0.0 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection… |
| CVE-2025-54078 | 2025-07-18 | MEDIUM | 6.5 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site… |
| CVE-2025-54077 | 2025-07-18 | MEDIUM | 6.5 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site… |
| CVE-2025-54076 | 2025-07-18 | MEDIUM | 6.5 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site… |
| CVE-2025-54075 | 2025-07-18 | HIGH | 8.3 | MDC is a tool to take regular Markdown and write documents interacting deeply with a Vue component. Prior to version… |
| CVE-2025-54073 | 2025-07-18 | HIGH | 7.5 | mcp-package-docs is an MCP (Model Context Protocol) server that provides LLMs with efficient access to package documentation across multiple programming… |
| CVE-2025-54059 | 2025-07-18 | MEDIUM | 4.4 | melange allows users to build apk packages using declarative pipelines. Starting in version 0.23.0 and prior to version 0.29.5, SBOM… |
| CVE-2025-53945 | 2025-07-18 | HIGH | 7.0 | apko allows users to build and publish OCI container images built from apk packages. Starting in version 0.27.0 and prior… |
| CVE-2025-53888 | 2025-07-18 | N/A | 0.0 | RIOT-OS, an operating system that supports Internet of Things devices, has an ineffective size check implemented with `assert()` can lead… |
| CVE-2025-7788 | 2025-07-18 | MEDIUM | 6.3 | A vulnerability has been found in Xuxueli xxl-job up to 3.1.1 and classified as critical. Affected by this vulnerability is… |
| CVE-2025-7787 | 2025-07-18 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, was found in Xuxueli xxl-job up to 3.1.1. Affected is the function httpJobHandler… |
| CVE-2025-7762 | 2025-07-17 | HIGH | 8.8 | A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07.26A1. This issue affects some unknown processing… |
| CVE-2025-7759 | 2025-07-17 | MEDIUM | 6.3 | A vulnerability, which was classified as critical, was found in thinkgem JeeSite up to 5.12.0. This affects an unknown part… |
| CVE-2025-7758 | 2025-07-17 | HIGH | 8.8 | A vulnerability, which was classified as critical, has been found in TOTOLINK T6 up to 4.1.5cu.748_B20211015. Affected by this issue… |
| CVE-2025-7757 | 2025-07-17 | HIGH | 7.3 | A vulnerability classified as critical was found in PHPGurukul Land Record System 1.0. Affected by this vulnerability is an unknown… |