CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2024-0519 Google Chromium V8 Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to potent… ALTA 2024-01-17
CVE-2023-6549 Citrix NetScaler ADC and NetScaler Gateway Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for a denial-of-service … ALTA 2024-01-17
CVE-2023-6548 Citrix NetScaler ADC and NetScaler Gateway Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote … MEDIA 2024-01-17
CVE-2018-15133 Laravel Laravel Framework Laravel Framework contains a deserialization of untrusted data vulnerability, allowing for remote command execution. Th… ALTA 2024-01-16
CVE-2023-29357 Microsoft SharePoint Server Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gain… CRÍTICA 2024-01-10
CVE-2023-46805 Ivanti Connect Secure and Policy Secure Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways contain an authen… ALTA 2024-01-10
CVE-2024-21887 Ivanti Connect Secure and Policy Secure Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injectio… CRÍTICA 2024-01-10
CVE-2023-23752 Joomla! Joomla! Joomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints. MEDIA 2024-01-08
CVE-2016-20017 D-Link DSL-2750B Devices D-Link DSL-2750B devices contain a command injection vulnerability that allows remote, unauthenticated command injectio… CRÍTICA 2024-01-08
CVE-2023-41990 Apple Multiple Products Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability that allows for code execution when pr… ALTA 2024-01-08
CVE-2023-27524 Apache Superset Apache Superset contains an insecure default initialization of a resource vulnerability that allows an attacker to auth… ALTA 2024-01-08
CVE-2023-29300 Adobe ColdFusion Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution. CRÍTICA 2024-01-08
CVE-2023-38203 Adobe ColdFusion Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution. CRÍTICA 2024-01-08
CVE-2023-7101 Spreadsheet::ParseExcel Spreadsheet::ParseExcel Spreadsheet::ParseExcel contains a remote code execution vulnerability due to passing unvalidated input from a file int… ALTA 2024-01-02
CVE-2023-7024 Google Chromium WebRTC Google Chromium WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buf… ALTA 2024-01-02
CVE-2023-49897 FXC AE1021, AE1021PE FXC AE1021 and AE1021PE contain an OS command injection vulnerability that allows authenticated users to execute comman… ALTA 2023-12-21
CVE-2023-47565 QNAP VioStor NVR QNAP VioStar NVR contains an OS command injection vulnerability that allows authenticated users to execute commands via… ALTA 2023-12-21
CVE-2023-6448 Unitronics Vision PLC and HMI Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attac… CRÍTICA 2023-12-11
CVE-2023-41266 Qlik Sense Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymou… ALTA 2023-12-07
CVE-2023-41265 Qlik Sense Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP req… CRÍTICA 2023-12-07
CVE-2023-33107 Qualcomm Multiple Chipsets Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while a… ALTA 2023-12-05
CVE-2023-33106 Qualcomm Multiple Chipsets Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graph… ALTA 2023-12-05
CVE-2023-33063 Qualcomm Multiple Chipsets Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a rem… ALTA 2023-12-05
CVE-2022-22071 Qualcomm Multiple Chipsets Multiple Qualcomm chipsets contain a use-after-free vulnerability when process shell memory is freed using IOCTL munmap… ALTA 2023-12-05
CVE-2023-42917 Apple Multiple Products Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when… ALTA 2023-12-04
← Anterior Página 20 / 62 (1543 CVEs total) Siguiente →
[INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Las campañas de ClickFix difunden MacSync macOS Infostealer a través de instaladores de herramientas de inteligencia artificial fa...  ·  [INFO] Por qué la validación de seguridad se está convirtiendo en una agencia...  ·  [INFO] El ataque GlassWorm utiliza tokens de GitHub robados para forzar el envío de malware a los repositorios de Python...  ·  [INFO] CVE-2025-47813: Vulnerabilidad de Divulgación de Información en Wing FTP Server  ·  [INFO] ⚡ Resumen semanal: Chrome 0 días, redes de bots de enrutadores, violación de AWS, agentes de IA no autorizados y más...  ·  [INFO] Las campañas de ClickFix difunden MacSync macOS Infostealer a través de instaladores de herramientas de inteligencia artificial fa...  ·  [INFO] Por qué la validación de seguridad se está convirtiendo en una agencia...  ·