// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2024-23296	Apple Multiple Products	Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker wit…	ALTA	2024-03-06
CVE-2023-21237	Android Pixel	Android Pixel contains a vulnerability in the Framework component, where the UI may be misleading or insufficient, prov…	MEDIA	2024-03-05
CVE-2021-36380	Sunhillo SureLine	Sunhillo SureLine contains an OS command injection vulnerability that allows an attacker to cause a denial-of-service o…	CRÍTICA	2024-03-05
CVE-2024-21338	Microsoft Windows	Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (inp…	ALTA	2024-03-04
CVE-2023-29360	Microsoft Streaming Service	Microsoft Streaming Service contains an untrusted pointer dereference vulnerability that allows for privilege escalatio…	ALTA	2024-02-29
CVE-2024-1709	ConnectWise ScreenConnect	ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access t…	CRÍTICA	2024-02-22
CVE-2020-3259	Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)	Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an information disclosure vulnerabil…	ALTA	2024-02-15
CVE-2024-21410	Microsoft Exchange Server	Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.	CRÍTICA	2024-02-15
CVE-2024-21412	Microsoft Windows	Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypa…	ALTA	2024-02-13
CVE-2024-21351	Microsoft Windows	Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Sm…	ALTA	2024-02-13
CVE-2023-43770	Roundcube Webmail	Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that can lead to information disclosur…	MEDIA	2024-02-12
CVE-2024-21762	Fortinet FortiOS	Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute …	CRÍTICA	2024-02-09
CVE-2023-4762	Google Chromium V8	Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to execute code via a crafted …	ALTA	2024-02-06
CVE-2022-48618	Apple Multiple Products	Apple iOS, iPadOS, macOS, tvOS, and watchOS contain a time-of-check/time-of-use (TOCTOU) memory corruption vulnerabilit…	ALTA	2024-01-31
CVE-2024-21893	Ivanti Connect Secure, Policy Secure, and Neurons	Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a…	ALTA	2024-01-31
CVE-2023-22527	Atlassian Confluence Data Center and Server	Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can l…	CRÍTICA	2024-01-24
CVE-2024-23222	Apple Multiple Products	Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution w…	ALTA	2024-01-23
CVE-2023-34048	VMware vCenter Server	VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol that a…	CRÍTICA	2024-01-22
CVE-2023-35082	Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core	Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core contain an authentication bypass vulnerability that allows un…	CRÍTICA	2024-01-18
CVE-2024-0519	Google Chromium V8	Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to potent…	ALTA	2024-01-17
CVE-2023-6549	Citrix NetScaler ADC and NetScaler Gateway	Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for a denial-of-service …	ALTA	2024-01-17
CVE-2023-6548	Citrix NetScaler ADC and NetScaler Gateway	Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote …	MEDIA	2024-01-17
CVE-2018-15133	Laravel Laravel Framework	Laravel Framework contains a deserialization of untrusted data vulnerability, allowing for remote command execution. Th…	ALTA	2024-01-16
CVE-2023-29357	Microsoft SharePoint Server	Microsoft SharePoint Server contains an unspecified vulnerability that allows an unauthenticated attacker, who has gain…	CRÍTICA	2024-01-10
CVE-2023-46805	Ivanti Connect Secure and Policy Secure	Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways contain an authen…	ALTA	2024-01-10

← Anterior Página 21 / 64 (1587 CVEs total) Siguiente →