Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-7638
2025-07-18
MEDIUM
4.9
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to time-based SQL…
CVE-2025-6813
2025-07-18
HIGH
8.8
The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks within the auto_login()…
CVE-2025-6781
2025-07-18
MEDIUM
4.3
The Copymatic – AI Content Writer & Generator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions…
CVE-2025-6053
2025-07-18
MEDIUM
6.1
The Zuppler Online Ordering plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including,…
CVE-2025-5816
2025-07-18
MEDIUM
4.3
The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship plugin for WordPress is vulnerable to Insecure Direct Object Reference…
CVE-2025-3740
2025-07-18
HIGH
8.8
The School Management System for Wordpress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,…
CVE-2025-7431
2025-07-18
MEDIUM
4.4
The Knowledge Base plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin slug setting in all versions…
CVE-2025-6185
2025-07-18
CRITICAL
9.3
Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cross-site scripting vulnerability, allowing an attacker to craft a malicious…
CVE-2025-7398
2025-07-17
N/A
0.0
Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports ports 9000 and 8036.
CVE-2025-7397
2025-07-17
N/A
0.0
A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface (CLI)…
CVE-2025-6391
2025-07-17
N/A
0.0
Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An attacker with access to the log files…
CVE-2025-7755
2025-07-17
MEDIUM
6.3
A vulnerability was found in code-projects Online Ordering System 1.0. It has been rated as critical. This issue affects some…
CVE-2025-23269
2025-07-17
MEDIUM
4.7
NVIDIA Jetson Linux contains a vulnerability in the kernel where an attacker may cause an exposure of sensitive information due…
CVE-2025-7433
2025-07-17
HIGH
8.8
A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrary…
CVE-2025-6249
2025-07-17
MEDIUM
6.7
An authentication bypass vulnerability was reported in FileZ client application that could allow a local attacker with elevated permissions access…
CVE-2025-6248
2025-07-17
HIGH
7.4
A cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information…
CVE-2025-6232
2025-07-17
HIGH
7.8
An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute…
CVE-2025-6231
2025-07-17
HIGH
7.8
An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions could allow a local attacker to execute…
CVE-2025-6230
2025-07-17
MEDIUM
5.3
A SQL injection vulnerability was reported in Lenovo Vantage that could allow a local attacker to modify the local SQLite…
CVE-2025-53964
2025-07-17
CRITICAL
9.6
GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a…
CVE-2025-4657
2025-07-17
MEDIUM
6.7
A buffer overflow vulnerability was reported in the Lenovo Protection Driver, prior to version 5.1.1110.4231, used in Lenovo PC Manager,…
CVE-2025-3753
2025-07-17
HIGH
7.8
A code execution vulnerability has been identified in the Robot Operating System (ROS) 'rosbag' tool, affecting ROS distributions Noetic Ninjemys…
CVE-2025-2818
2025-07-17
LOW
3.5
A vulnerability was reported in version 1.0 of the Bluetooth Transmission Alliance protocol adopted by Motorola Smart Connect Android Application…
CVE-2025-23270
2025-07-17
HIGH
7.1
NVIDIA Jetson Linux contains a vulnerability in UEFI Management mode, where an unprivileged local attacker may cause exposure of sensitive…
CVE-2025-23267
2025-07-17
HIGH
8.5
NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link…
CVE-2025-23266
2025-07-17
CRITICAL
9.0
NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker…
CVE-2025-1729
2025-07-17
MEDIUM
6.7
A DLL hijacking vulnerability was reported in TrackPoint Quick Menu software that, under certain conditions, could allow a local attacker…
CVE-2025-1700
2025-07-17
HIGH
7.0
A DLL hijacking vulnerability was reported in the Motorola Software Fix (Rescue and Smart Assistant) installer that could allow a…
CVE-2025-0886
2025-07-17
HIGH
7.8
An incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to…
CVE-2024-42209
2025-07-17
LOW
3.5
HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user to obtain sensitive information they are…
CVE-2024-41921
2025-07-17
HIGH
7.8
A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'rostopic' command-line tool, affecting ROS distributions Noetic…
CVE-2024-41148
2025-07-17
HIGH
7.8
A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'rostopic' command-line tool, affecting ROS distributions Noetic…
CVE-2024-39835
2025-07-17
HIGH
7.8
A code injection vulnerability has been identified in the Robot Operating System (ROS) 'roslaunch' command-line tool, affecting ROS distributions Noetic…
CVE-2024-39289
2025-07-17
HIGH
7.8
A code execution vulnerability has been discovered in the Robot Operating System (ROS) 'rosparam' tool, affecting ROS distributions Noetic Ninjemys…
CVE-2025-7472
2025-07-17
HIGH
7.5
A local privilege escalation vulnerability in the Intercept X for Windows installer prior version 1.22 can lead to a local…
CVE-2025-54070
2025-07-17
N/A
0.0
OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 5.2.0 and prior to version 5.4.0, the…
CVE-2025-54068
2025-07-17
N/A
0.0
Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers…
CVE-2025-53817
2025-07-17
N/A
0.0
7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0,…
CVE-2025-53816
2025-07-17
N/A
0.0
7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead…
CVE-2025-46102
2025-07-17
MEDIUM
5.4
Cross Site Scripting vulnerability in Beakon Software Beakon Learning Management System Sharable Content Object Reference Model (SCORM) version V.5.4.3 allows…
CVE-2024-13972
2025-07-17
HIGH
8.8
A vulnerability related to registry permissions in the Intercept X for Windows updater prior to version 2024.3.2 can lead to…
CVE-2025-7749
2025-07-17
HIGH
7.3
A vulnerability, which was classified as critical, has been found in code-projects Online Appointment Booking System 1.0. This issue affects…
CVE-2025-7748
2025-07-17
LOW
3.5
A vulnerability classified as problematic was found in ZCMS 3.6.0. This vulnerability affects unknown code of the component Create Article…
CVE-2025-7747
2025-07-17
HIGH
8.8
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromWizardHandle of the file…
CVE-2025-53644
2025-07-17
N/A
0.0
OpenCV is an Open Source Computer Vision Library. Versions prior to 4.12.0 have an uninitialized pointer variable on stack that…
CVE-2025-53638
2025-07-17
N/A
0.0
Solady is software that provides Solidity snippets with APIs. Starting in version 0.0.125 and prior to version 0.1.24, when an…
CVE-2025-51497
2025-07-17
N/A
0.0
An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely logged each url that Safari…
CVE-2025-23263
2025-07-17
HIGH
7.6
NVIDIA DOCA-Host and Mellanox OFED contain a vulnerability in the VGT+ feature, where an attacker on a VM might cause…
CVE-2024-32323
2025-07-17
N/A
0.0
SQL Injection vulnerability in cnhcit.com Haichang OA v.1.0.0 allows a remote attacker to obtain sensitive information via the if parameter…
CVE-2025-7339
2025-07-17
LOW
3.4
on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions `
« Anterior
Página 98 de 3422
Siguiente »
Page load link
Go to Top
