// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1543

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2025-47813	Wing FTP Server Wing FTP Server	MEDIA	2026-03-16
CVE-2026-3910	Google Chromium V8	ALTA	2026-03-13
CVE-2026-3909	Google Skia	ALTA	2026-03-13
CVE-2025-68613	n8n n8n	CRÍTICA	2026-03-11
CVE-2021-22054	Omnissa Workspace One UEM	ALTA	2026-03-09
CVE-2025-26399	SolarWinds Web Help Desk	CRÍTICA	2026-03-09
CVE-2026-1603	Ivanti Endpoint Manager (EPM)	ALTA	2026-03-09
CVE-2017-7921	Hikvision Multiple Products	CRÍTICA	2026-03-05
CVE-2021-22681	Rockwell Multiple Products	CRÍTICA	2026-03-05
CVE-2023-43000	Apple Multiple Products	ALTA	2026-03-05

// top_vendors_afectados

Microsoft

14

Apple

6

Google

5

Cisco

4

Fortinet

4

SolarWinds

3

Broadcom

3

SmarterTools

3

Gladinet

3

Ivanti

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2024-38217	Microsoft Windows	Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker …	MEDIA	2024-09-10
CVE-2024-38014	Microsoft Windows	Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gai…	ALTA	2024-09-10
CVE-2024-38226	Microsoft Publisher	Microsoft Publisher contains a protection mechanism failure vulnerability that allows attacker to bypass Office macro p…	ALTA	2024-09-10
CVE-2024-40766	SonicWall SonicOS	SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and…	CRÍTICA	2024-09-09
CVE-2017-1000253	Linux Kernel	Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_ binary…	ALTA	2024-09-09
CVE-2016-3714	ImageMagick ImageMagick	ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW…	ALTA	2024-09-09
CVE-2024-7262	Kingsoft WPS Office	Kingsoft WPS Office contains a path traversal vulnerability in promecefpluginhost.exe on Windows that allows an attacke…	ALTA	2024-09-03
CVE-2021-20124	DrayTek VigorConnect	Draytek VigorConnect contains a path traversal vulnerability in the file download functionality of the WebServlet endpo…	ALTA	2024-09-03
CVE-2021-20123	DrayTek VigorConnect	Draytek VigorConnect contains a path traversal vulnerability in the DownloadFileServlet endpoint. An unauthenticated at…	ALTA	2024-09-03
CVE-2024-7965	Google Chromium V8	Google Chromium V8 contains an inappropriate implementation vulnerability that allows a remote attacker to potentially …	ALTA	2024-08-28
CVE-2024-38856	Apache OFBiz	Apache OFBiz contains an incorrect authorization vulnerability that could allow remote code execution via a Groovy payl…	CRÍTICA	2024-08-27
CVE-2024-7971	Google Chromium V8	Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via…	CRÍTICA	2024-08-26
CVE-2024-39717	Versa Director	The Versa Director GUI contains an unrestricted upload of file with dangerous type vulnerability that allows administra…	ALTA	2024-08-23
CVE-2021-31196	Microsoft Exchange Server	Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution.	ALTA	2024-08-21
CVE-2022-0185	Linux Kernel	Linux kernel contains a heap-based buffer overflow vulnerability in the legacy_parse_param function in the Filesystem C…	ALTA	2024-08-21
CVE-2021-33045	Dahua IP Camera Firmware	Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specif…	CRÍTICA	2024-08-21
CVE-2021-33044	Dahua IP Camera Firmware	Dahua IP cameras and related products contain an authentication bypass vulnerability when the NetKeyboard type argument…	CRÍTICA	2024-08-21
CVE-2024-23897	Jenkins Jenkins Command Line Interface (CLI)	Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access …	CRÍTICA	2024-08-19
CVE-2024-28986	SolarWinds Web Help Desk	SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code ex…	CRÍTICA	2024-08-15
CVE-2024-38107	Microsoft Windows	Microsoft Windows Power Dependency Coordinator contains an unspecified vulnerability that allows for privilege escalati…	ALTA	2024-08-13
CVE-2024-38106	Microsoft Windows	Microsoft Windows Kernel contains an unspecified vulnerability that allows for privilege escalation, enabling a local a…	ALTA	2024-08-13
CVE-2024-38193	Microsoft Windows	Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege…	ALTA	2024-08-13
CVE-2024-38213	Microsoft Windows	Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Sm…	MEDIA	2024-08-13
CVE-2024-38178	Microsoft Windows	Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to i…	ALTA	2024-08-13
CVE-2024-38189	Microsoft Project	Microsoft Project contains an unspecified vulnerability that allows for remote code execution via a malicious file.	ALTA	2024-08-13

← Anterior Página 16 / 62 (1543 CVEs total) Siguiente →