CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

1
CVEs añadidos este mes
1587
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-31431 Linux Kernel ALTA 2026-05-01

// top_vendors_afectados

Microsoft
19
Cisco
7
Apple
7
Synacor
4
Google
4
Fortinet
3
Ivanti
3
SolarWinds
3
SmarterTools
3
Linux
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2024-21887 Ivanti Connect Secure and Policy Secure Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injectio… CRÍTICA 2024-01-10
CVE-2023-23752 Joomla! Joomla! Joomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints. MEDIA 2024-01-08
CVE-2016-20017 D-Link DSL-2750B Devices D-Link DSL-2750B devices contain a command injection vulnerability that allows remote, unauthenticated command injectio… CRÍTICA 2024-01-08
CVE-2023-41990 Apple Multiple Products Apple iOS, iPadOS, macOS, tvOS, and watchOS contain an unspecified vulnerability that allows for code execution when pr… ALTA 2024-01-08
CVE-2023-27524 Apache Superset Apache Superset contains an insecure default initialization of a resource vulnerability that allows an attacker to auth… ALTA 2024-01-08
CVE-2023-29300 Adobe ColdFusion Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution. CRÍTICA 2024-01-08
CVE-2023-38203 Adobe ColdFusion Adobe ColdFusion contains a deserialization of untrusted data vulnerability that allows for code execution. CRÍTICA 2024-01-08
CVE-2023-7101 Spreadsheet::ParseExcel Spreadsheet::ParseExcel Spreadsheet::ParseExcel contains a remote code execution vulnerability due to passing unvalidated input from a file int… ALTA 2024-01-02
CVE-2023-7024 Google Chromium WebRTC Google Chromium WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buf… ALTA 2024-01-02
CVE-2023-49897 FXC AE1021, AE1021PE FXC AE1021 and AE1021PE contain an OS command injection vulnerability that allows authenticated users to execute comman… ALTA 2023-12-21
CVE-2023-47565 QNAP VioStor NVR QNAP VioStar NVR contains an OS command injection vulnerability that allows authenticated users to execute commands via… ALTA 2023-12-21
CVE-2023-6448 Unitronics Vision PLC and HMI Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attac… CRÍTICA 2023-12-11
CVE-2023-41266 Qlik Sense Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymou… ALTA 2023-12-07
CVE-2023-41265 Qlik Sense Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP req… CRÍTICA 2023-12-07
CVE-2023-33107 Qualcomm Multiple Chipsets Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while a… ALTA 2023-12-05
CVE-2023-33106 Qualcomm Multiple Chipsets Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graph… ALTA 2023-12-05
CVE-2023-33063 Qualcomm Multiple Chipsets Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a rem… ALTA 2023-12-05
CVE-2022-22071 Qualcomm Multiple Chipsets Multiple Qualcomm chipsets contain a use-after-free vulnerability when process shell memory is freed using IOCTL munmap… ALTA 2023-12-05
CVE-2023-42917 Apple Multiple Products Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when… ALTA 2023-12-04
CVE-2023-42916 Apple Multiple Products Apple iOS, iPadOS, macOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive inf… MEDIA 2023-12-04
CVE-2023-6345 Google Chromium Skia Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the … CRÍTICA 2023-11-30
CVE-2023-49103 ownCloud ownCloud graphapi ownCloud graphapi contains an information disclosure vulnerability that can reveal sensitive data stored in phpinfo() v… CRÍTICA 2023-11-30
CVE-2023-4911 GNU GNU C Library GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES enviro… ALTA 2023-11-21
CVE-2023-36584 Microsoft Windows Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss o… MEDIA 2023-11-16
CVE-2023-1671 Sophos Web Appliance Sophos Web Appliance contains a command injection vulnerability in the warn-proceed handler that allows for remote code… CRÍTICA 2023-11-16
← Anterior Página 22 / 64 (1587 CVEs total) Siguiente →
[INFO] CVE-2026-31431: Vulnerabilidad de Escalada de Privilegios en Linux Kernel  ·  [INFO] CVE-2026-41940: Vulnerabilidad Crítica de Bypass de Autenticación en cPanel & WHM y WP2  ·  [INFO] CVE-2024-1708: Path Traversal en ConnectWise ScreenConnect Explotado Activamente  ·  [INFO] CVE-2026-32202: Fallo en Mecanismo de Protección en Microsoft Windows  ·  [INFO] CVE-2024-57726: Vulnerabilidad Crítica de Autorización en SimpleHelp  ·  [INFO] CVE-2026-31431: Vulnerabilidad de Escalada de Privilegios en Linux Kernel  ·  [INFO] CVE-2026-41940: Vulnerabilidad Crítica de Bypass de Autenticación en cPanel & WHM y WP2  ·  [INFO] CVE-2024-1708: Path Traversal en ConnectWise ScreenConnect Explotado Activamente  ·  [INFO] CVE-2026-32202: Fallo en Mecanismo de Protección en Microsoft Windows  ·  [INFO] CVE-2024-57726: Vulnerabilidad Crítica de Autorización en SimpleHelp  ·