// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2024-12356	BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS)	BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain a command injection vulnerability, which can…	CRÍTICA	2024-12-19
CVE-2021-40407	Reolink RLC-410W IP Camera	Reolink RLC-410W IP cameras contain an authenticated OS command injection vulnerability in the device network settings …	ALTA	2024-12-18
CVE-2019-11001	Reolink Multiple IP Cameras	Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W IP cameras contain an authenticated OS command injection vulne…	ALTA	2024-12-18
CVE-2022-23227	NUUO NVRmini2 Devices	NUUO NVRmini2 devices contain a missing authentication vulnerability that allows an unauthenticated attacker to upload …	CRÍTICA	2024-12-18
CVE-2018-14933	NUUO NVRmini Devices	NUUO NVRmini devices contain an OS command injection vulnerability. This vulnerability allows remote command execution …	CRÍTICA	2024-12-18
CVE-2024-55956	Cleo Multiple Products	Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload vuln…	CRÍTICA	2024-12-17
CVE-2024-35250	Microsoft Windows	Microsoft Windows Kernel-Mode Driver contains an untrusted pointer dereference vulnerability that allows a local attack…	ALTA	2024-12-16
CVE-2024-20767	Adobe ColdFusion	Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify res…	ALTA	2024-12-16
CVE-2024-50623	Cleo Multiple Products	Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload and …	CRÍTICA	2024-12-13
CVE-2024-49138	Microsoft Windows	Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows …	ALTA	2024-12-10
CVE-2024-51378	CyberPersons CyberPanel	CyberPanel contains an incorrect default permissions vulnerability that allows for authentication bypass and the execut…	CRÍTICA	2024-12-04
CVE-2024-11667	Zyxel Multiple Firewalls	Multiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an att…	ALTA	2024-12-03
CVE-2024-11680	ProjectSend ProjectSend	ProjectSend contains an improper authentication vulnerability that allows a remote, unauthenticated attacker to enable …	CRÍTICA	2024-12-03
CVE-2023-45727	North Grid Proself	North Grid Proself Enterprise/Standard, Gateway, and Mail Sanitize contain an improper restriction of XML External Enti…	ALTA	2024-12-03
CVE-2023-28461	Array Networks AG/vxAG ArrayOS	Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an …	CRÍTICA	2024-11-25
CVE-2024-21287	Oracle Agile Product Lifecycle Management (PLM)	Oracle Agile Product Lifecycle Management (PLM) contains an incorrect authorization vulnerability in the Process Extens…	ALTA	2024-11-21
CVE-2024-44309	Apple Multiple Products	Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web…	MEDIA	2024-11-21
CVE-2024-44308	Apple Multiple Products	Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web…	ALTA	2024-11-21
CVE-2024-38813	VMware vCenter Server	VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attac…	ALTA	2024-11-20
CVE-2024-38812	VMware vCenter Server	VMware vCenter Server contains a heap-based buffer overflow vulnerability in the implementation of the DCERPC protocol.…	CRÍTICA	2024-11-20
CVE-2024-9474	Palo Alto Networks PAN-OS	Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through t…	ALTA	2024-11-18
CVE-2024-0012	Palo Alto Networks PAN-OS	Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for sev…	CRÍTICA	2024-11-18
CVE-2024-1212	Progress Kemp LoadMaster	Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker…	CRÍTICA	2024-11-18
CVE-2024-9465	Palo Alto Networks Expedition	Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal …	CRÍTICA	2024-11-14
CVE-2024-9463	Palo Alto Networks Expedition	Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to…	ALTA	2024-11-14

← Anterior Página 15 / 64 (1587 CVEs total) Siguiente →