// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2020-29574	Sophos CyberoamOS	CyberoamOS (CROS) contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to exe…	CRÍTICA	2025-02-06
CVE-2024-21413	Microsoft Office Outlook	Microsoft Outlook contains an improper input validation vulnerability that allows for remote code execution. Successful…	CRÍTICA	2025-02-06
CVE-2022-23748	Audinate Dante Discovery	Dante Discovery contains a process control vulnerability in mDNSResponder.exe that all allows for a DLL sideloading att…	ALTA	2025-02-06
CVE-2025-0411	7-Zip 7-Zip	7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web …	ALTA	2025-02-06
CVE-2024-53104	Linux Kernel	Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class …	ALTA	2025-02-05
CVE-2018-19410	Paessler PRTG Network Monitor	Paessler PRTG Network Monitor contains a local file inclusion vulnerability that allows a remote, unauthenticated attac…	CRÍTICA	2025-02-04
CVE-2018-9276	Paessler PRTG Network Monitor	Paessler PRTG Network Monitor contains an OS command injection vulnerability that allows an attacker with administrativ…	ALTA	2025-02-04
CVE-2024-29059	Microsoft .NET Framework	Microsoft .NET Framework contains an information disclosure vulnerability that exposes the ObjRef URI to an attacker, u…	ALTA	2025-02-04
CVE-2024-45195	Apache OFBiz	Apache OFBiz contains a forced browsing vulnerability that allows a remote attacker to obtain unauthorized access.	ALTA	2025-02-04
CVE-2025-24085	Apple Multiple Products	Apple iOS, macOS, and other Apple products contain a user-after-free vulnerability that could allow a malicious applica…	CRÍTICA	2025-01-29
CVE-2025-23006	SonicWall SMA1000 Appliances	SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of …	CRÍTICA	2025-01-24
CVE-2020-11023	JQuery JQuery	JQuery contains a persistent cross-site scripting (XSS) vulnerability. When passing maliciously formed, untrusted input…	MEDIA	2025-01-23
CVE-2024-50603	Aviatrix Controllers	Aviatrix Controllers contain an OS command injection vulnerability that could allow an unauthenticated attacker to exec…	CRÍTICA	2025-01-16
CVE-2025-21335	Microsoft Windows	Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacke…	ALTA	2025-01-14
CVE-2025-21334	Microsoft Windows	Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacke…	ALTA	2025-01-14
CVE-2025-21333	Microsoft Windows	Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a l…	ALTA	2025-01-14
CVE-2024-55591	Fortinet FortiOS and FortiProxy	Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remot…	CRÍTICA	2025-01-14
CVE-2023-48365	Qlik Sense	Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP req…	CRÍTICA	2025-01-13
CVE-2024-12686	BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS)	BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain an OS command injection vulnerability that c…	MEDIA	2025-01-13
CVE-2025-0282	Ivanti Connect Secure, Policy Secure, and ZTA Gateways	Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthen…	CRÍTICA	2025-01-08
CVE-2020-2883	Oracle WebLogic Server	Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an unspecified vulnerability exploitable…	CRÍTICA	2025-01-07
CVE-2024-55550	Mitel MiCollab	Mitel MiCollab contains a path traversal vulnerability that could allow an authenticated attacker with administrative p…	BAJA	2025-01-07
CVE-2024-41713	Mitel MiCollab	Mitel MiCollab contains a path traversal vulnerability that could allow an attacker to gain unauthorized and unauthenti…	CRÍTICA	2025-01-07
CVE-2024-3393	Palo Alto Networks PAN-OS	Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security fea…	ALTA	2024-12-30
CVE-2021-44207	Acclaim Systems USAHERDS	Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote…	ALTA	2024-12-23

← Anterior Página 14 / 64 (1587 CVEs total) Siguiente →