// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1623

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-20253	Splunk Enterprise	CRÍTICA	2026-06-18
CVE-2026-48907	Widget Factory Joomla Content Editor	CRÍTICA	2026-06-16
CVE-2026-54420	LiteSpeed cPanel Plugin	ALTA	2026-06-15
CVE-2026-20262	Cisco Catalyst SD-WAN Manager	MEDIA	2026-06-15
CVE-2026-35273	Oracle PeopleSoft Enterprise PeopleTools	CRÍTICA	2026-06-12
CVE-2026-10520	Ivanti Sentry	CRÍTICA	2026-06-11
CVE-2026-11645	Google Chromium V8	ALTA	2026-06-09
CVE-2026-7473	Arista Extensible Operating System	MEDIA	2026-06-09
CVE-2026-20245	Cisco Catalyst SD-WAN Manager	ALTA	2026-06-09
CVE-2026-42271	BerriAI LiteLLM	ALTA	2026-06-08

// top_vendors_afectados

Microsoft

16

Cisco

9

Apple

6

Ivanti

4

Google

4

Adobe

3

LiteSpeed

2

Oracle

2

BerriAI

2

SolarWinds

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2024-38106	Microsoft Windows	Microsoft Windows Kernel contains an unspecified vulnerability that allows for privilege escalation, enabling a local a…	ALTA	2024-08-13
CVE-2024-38193	Microsoft Windows	Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege…	ALTA	2024-08-13
CVE-2024-38213	Microsoft Windows	Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Sm…	MEDIA	2024-08-13
CVE-2024-38178	Microsoft Windows	Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to i…	ALTA	2024-08-13
CVE-2024-38189	Microsoft Project	Microsoft Project contains an unspecified vulnerability that allows for remote code execution via a malicious file.	ALTA	2024-08-13
CVE-2024-32113	Apache OFBiz	Apache OFBiz contains a path traversal vulnerability that could allow for remote code execution.	CRÍTICA	2024-08-07
CVE-2024-36971	Android Kernel	Android contains an unspecified vulnerability in the kernel that allows for remote code execution. This vulnerability r…	ALTA	2024-08-07
CVE-2018-0824	Microsoft Windows	Microsoft COM for Windows contains a deserialization of untrusted data vulnerability that allows for privilege escalati…	ALTA	2024-08-05
CVE-2024-37085	VMware ESXi	VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) pe…	MEDIA	2024-07-30
CVE-2023-45249	Acronis Cyber Infrastructure (ACI)	Acronis Cyber Infrastructure (ACI) allows an unauthenticated user to execute commands remotely due to the use of defaul…	CRÍTICA	2024-07-29
CVE-2024-5217	ServiceNow Utah, Vancouver, and Washington DC Now Platform	ServiceNow Washington DC, Vancouver, and earlier Now Platform releases contain an incomplete list of disallowed inputs …	CRÍTICA	2024-07-29
CVE-2024-4879	ServiceNow Utah, Vancouver, and Washington DC Now Platform	ServiceNow Utah, Vancouver, and Washington DC Now Platform releases contain a jelly template injection vulnerability in…	CRÍTICA	2024-07-29
CVE-2024-39891	Twilio Authy	Twilio Authy contains an information disclosure vulnerability in its API that allows an unauthenticated endpoint to acc…	MEDIA	2024-07-23
CVE-2012-4792	Microsoft Internet Explorer	Microsoft Internet Explorer contains a use-after-free vulnerability that allows a remote attacker to execute arbitrary …	ALTA	2024-07-23
CVE-2022-22948	VMware vCenter Server	VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged att…	MEDIA	2024-07-17
CVE-2024-28995	SolarWinds Serv-U	SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the…	ALTA	2024-07-17
CVE-2024-34102	Adobe Commerce and Magento Open Source	Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerabi…	CRÍTICA	2024-07-17
CVE-2024-36401	OSGeo GeoServer	OSGeo GeoServer GeoTools contains an improper neutralization of directives in dynamically evaluated code vulnerability …	CRÍTICA	2024-07-15
CVE-2024-23692	Rejetto HTTP File Server	Rejetto HTTP File Server contains an improper neutralization of special elements used in a template engine vulnerabilit…	CRÍTICA	2024-07-09
CVE-2024-38080	Microsoft Windows	Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissi…	ALTA	2024-07-09
CVE-2024-38112	Microsoft Windows	Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrit…	ALTA	2024-07-09
CVE-2024-20399	Cisco NX-OS	Cisco NX-OS contains a command injection vulnerability in the command line interface (CLI) that could allow an authenti…	MEDIA	2024-07-02
CVE-2020-13965	Roundcube Webmail	Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to manipulate data …	MEDIA	2024-06-26
CVE-2022-2586	Linux Kernel	Linux Kernel contains a use-after-free vulnerability in the nft_object, allowing local attackers to escalate privileges…	MEDIA	2024-06-26
CVE-2022-24816	OSGeo JAI-EXT	OSGeo GeoServer JAI-EXT contains a code injection vulnerability that, when programs use jt-jiffle and allow Jiffle scri…	CRÍTICA	2024-06-26

← Anterior Página 20 / 65 (1623 CVEs total) Siguiente →