// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2024-4879	ServiceNow Utah, Vancouver, and Washington DC Now Platform	ServiceNow Utah, Vancouver, and Washington DC Now Platform releases contain a jelly template injection vulnerability in…	CRÍTICA	2024-07-29
CVE-2024-39891	Twilio Authy	Twilio Authy contains an information disclosure vulnerability in its API that allows an unauthenticated endpoint to acc…	MEDIA	2024-07-23
CVE-2012-4792	Microsoft Internet Explorer	Microsoft Internet Explorer contains a use-after-free vulnerability that allows a remote attacker to execute arbitrary …	ALTA	2024-07-23
CVE-2022-22948	VMware vCenter Server	VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged att…	MEDIA	2024-07-17
CVE-2024-28995	SolarWinds Serv-U	SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the…	ALTA	2024-07-17
CVE-2024-34102	Adobe Commerce and Magento Open Source	Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerabi…	CRÍTICA	2024-07-17
CVE-2024-36401	OSGeo GeoServer	OSGeo GeoServer GeoTools contains an improper neutralization of directives in dynamically evaluated code vulnerability …	CRÍTICA	2024-07-15
CVE-2024-23692	Rejetto HTTP File Server	Rejetto HTTP File Server contains an improper neutralization of special elements used in a template engine vulnerabilit…	CRÍTICA	2024-07-09
CVE-2024-38080	Microsoft Windows	Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissi…	ALTA	2024-07-09
CVE-2024-38112	Microsoft Windows	Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrit…	ALTA	2024-07-09
CVE-2024-20399	Cisco NX-OS	Cisco NX-OS contains a command injection vulnerability in the command line interface (CLI) that could allow an authenti…	MEDIA	2024-07-02
CVE-2020-13965	Roundcube Webmail	Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to manipulate data …	MEDIA	2024-06-26
CVE-2022-2586	Linux Kernel	Linux Kernel contains a use-after-free vulnerability in the nft_object, allowing local attackers to escalate privileges…	MEDIA	2024-06-26
CVE-2022-24816	OSGeo JAI-EXT	OSGeo GeoServer JAI-EXT contains a code injection vulnerability that, when programs use jt-jiffle and allow Jiffle scri…	CRÍTICA	2024-06-26
CVE-2024-4358	Progress Telerik Report Server	Progress Telerik Report Server contains an authorization bypass by spoofing vulnerability that allows an attacker to ob…	CRÍTICA	2024-06-13
CVE-2024-26169	Microsoft Windows	Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local a…	ALTA	2024-06-13
CVE-2024-32896	Android Pixel	Android Pixel contains an unspecified vulnerability in the firmware that allows for privilege escalation.	ALTA	2024-06-13
CVE-2024-4577	PHP Group PHP	PHP, specifically Windows-based PHP used in CGI mode, contains an OS command injection vulnerability that allows for ar…	CRÍTICA	2024-06-12
CVE-2024-4610	Arm Mali GPU Kernel Driver	Arm Bifrost and Valhall GPU kernel drivers contain a use-after-free vulnerability that allows a local, non-privileged u…	ALTA	2024-06-12
CVE-2017-3506	Oracle WebLogic Server	Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an OS command injection vulnerability th…	ALTA	2024-06-03
CVE-2024-1086	Linux Kernel	Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to a…	ALTA	2024-05-30
CVE-2024-24919	Check Point Quantum Security Gateways	Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability po…	ALTA	2024-05-30
CVE-2024-4978	Justice AV Solutions Viewer	Justice AV Solutions (JAVS) Viewer installer contains a malicious version of ffmpeg.exe, named fffmpeg.exe (SHA256: 421…	ALTA	2024-05-29
CVE-2024-5274	Google Chromium V8	Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted …	CRÍTICA	2024-05-28
CVE-2020-17519	Apache Flink	Apache Flink contains an improper access control vulnerability that allows an attacker to read any file on the local fi…	ALTA	2024-05-23

← Anterior Página 19 / 64 (1587 CVEs total) Siguiente →