Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-6248
2025-07-17
HIGH
7.4
A cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information…
CVE-2025-6232
2025-07-17
HIGH
7.8
An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute…
CVE-2025-6231
2025-07-17
HIGH
7.8
An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute…
CVE-2025-6230
2025-07-17
MEDIUM
5.3
A SQL injection vulnerability was reported in Lenovo Vantage that could allow a local attacker to modify the local SQLite…
CVE-2025-53964
2025-07-17
CRITICAL
9.6
GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a…
CVE-2025-4657
2025-07-17
MEDIUM
6.7
A buffer overflow vulnerability was reported in the Lenovo Protection Driver, prior to version 5.1.1110.4231, used in Lenovo PC Manager,…
CVE-2025-3753
2025-07-17
HIGH
7.8
A code execution vulnerability has been identified in the Robot Operating System (ROS) 'rosbag' tool, affecting ROS distributions Noetic Ninjemys…
CVE-2025-2818
2025-07-17
LOW
3.5
A vulnerability was reported in version 1.0 of the Bluetooth Transmission Alliance protocol adopted by Motorola Smart Connect Android Application…
CVE-2025-23270
2025-07-17
HIGH
7.1
NVIDIA Jetson Linux contains a vulnerability in UEFI Management mode, where an unprivileged local attacker may cause exposure of sensitive…
CVE-2025-23267
2025-07-17
HIGH
8.5
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link…
CVE-2025-23266
2025-07-17
CRITICAL
9.0
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker…
CVE-2025-1729
2025-07-17
MEDIUM
6.7
A DLL hijacking vulnerability was reported in TrackPoint Quick Menu software that, under certain conditions, could allow a local attacker…
CVE-2025-1700
2025-07-17
HIGH
7.0
A DLL hijacking vulnerability was reported in the Motorola Software Fix (Rescue and Smart Assistant) installer that could allow a…
CVE-2025-0886
2025-07-17
HIGH
7.8
An incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to…
CVE-2024-42209
2025-07-17
LOW
3.5
HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user to obtain sensitive information they are…
CVE-2024-41921
2025-07-17
HIGH
7.8
A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'rostopic' command-line tool, affecting ROS distributions Noetic…
CVE-2024-41148
2025-07-17
HIGH
7.8
A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'rostopic' command-line tool, affecting ROS distributions Noetic…
CVE-2024-39835
2025-07-17
HIGH
7.8
A code injection vulnerability has been identified in the Robot Operating System (ROS) 'roslaunch' command-line tool, affecting ROS distributions Noetic…
CVE-2024-39289
2025-07-17
HIGH
7.8
A code execution vulnerability has been discovered in the Robot Operating System (ROS) 'rosparam' tool, affecting ROS distributions Noetic Ninjemys…
CVE-2025-7472
2025-07-17
HIGH
7.5
A local privilege escalation vulnerability in the Intercept X for Windows installer prior version 1.22 can lead to a local…
CVE-2025-54070
2025-07-17
N/A
0.0
OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 5.2.0 and prior to version 5.4.0, the…
CVE-2025-54068
2025-07-17
N/A
0.0
Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers…
CVE-2025-53817
2025-07-17
N/A
0.0
7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0,…
CVE-2025-53816
2025-07-17
N/A
0.0
7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead…
CVE-2025-46102
2025-07-17
MEDIUM
5.4
Cross Site Scripting vulnerability in Beakon Software Beakon Learning Management System Sharable Content Object Reference Model (SCORM) version V.5.4.3 allows…
CVE-2024-13972
2025-07-17
HIGH
8.8
A vulnerability related to registry permissions in the Intercept X for Windows updater prior to version 2024.3.2 can lead to…
CVE-2025-7749
2025-07-17
HIGH
7.3
A vulnerability, which was classified as critical, has been found in code-projects Online Appointment Booking System 1.0. This issue affects…
CVE-2025-7748
2025-07-17
LOW
3.5
A vulnerability classified as problematic was found in ZCMS 3.6.0. This vulnerability affects unknown code of the component Create Article…
CVE-2025-7747
2025-07-17
HIGH
8.8
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromWizardHandle of the file…
CVE-2025-53644
2025-07-17
N/A
0.0
OpenCV is an Open Source Computer Vision Library. Versions prior to 4.12.0 have an uninitialized pointer variable on stack that…
CVE-2025-53638
2025-07-17
N/A
0.0
Solady is software that provides Solidity snippets with APIs. Starting in version 0.0.125 and prior to version 0.1.24, when an…
CVE-2025-51497
2025-07-17
N/A
0.0
An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely logged each url that Safari…
CVE-2025-23263
2025-07-17
HIGH
7.6
NVIDIA DOCA-Host and Mellanox OFED contain a vulnerability in the VGT+ feature, where an attacker on a VM might cause…
CVE-2024-32323
2025-07-17
N/A
0.0
SQL Injection vulnerability in cnhcit.com Haichang OA v.1.0.0 allows a remote attacker to obtain sensitive information via the if parameter…
CVE-2025-7339
2025-07-17
LOW
3.4
on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions `
CVE-2025-7338
2025-07-17
HIGH
7.5
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to…
CVE-2025-53867
2025-07-17
N/A
0.0
Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL.
CVE-2025-52046
2025-07-17
N/A
0.0
Totolink A3300R V17.0.0cu.596_B20250515 was found to contain a command injection vulnerability in the sub_4197C0 function via the mac and desc…
CVE-2025-25257
2025-07-17
CRITICAL
9.8
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0…
CVE-2023-47356
2025-07-17
N/A
0.0
Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution (RCE) vulnerability via the log_type parameter at…
CVE-2023-41566
2025-07-17
N/A
0.0
OA EKP v16 was discovered to contain an arbitrary download vulnerability via the component /ui/sys_ui_extend/sysUiExtend.do. This vulnerability allows attackers to…
CVE-2025-54066
2025-07-17
MEDIUM
4.7
DiracX-Web is a web application that provides an interface to interact with the DiracX services. Prior to version 0.1.0-a8, an…
CVE-2025-54064
2025-07-17
N/A
0.0
Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable…
CVE-2025-54062
2025-07-17
N/A
0.0
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection…
CVE-2025-54061
2025-07-17
N/A
0.0
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection…
CVE-2025-54060
2025-07-17
N/A
0.0
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection…
CVE-2025-54058
2025-07-17
N/A
0.0
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection…
CVE-2025-47189
2025-07-17
MEDIUM
6.1
Netwrix Directory Manager through 2025-05-01 allows XSS.
CVE-2025-53946
2025-07-17
N/A
0.0
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection…
CVE-2025-53941
2025-07-17
MEDIUM
6.1
Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Versions prior to 0.6.5 allow HTML form…
« Anterior
Página 97 de 3421
Siguiente »
Page load link
Go to Top
