// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2023-40044	Progress WS_FTP Server	Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that al…	CRÍTICA	2023-10-05
CVE-2023-42824	Apple iOS and iPadOS	Apple iOS and iPadOS contain an unspecified vulnerability that allows for local privilege escalation.	ALTA	2023-10-05
CVE-2023-42793	JetBrains TeamCity	JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity Se…	CRÍTICA	2023-10-04
CVE-2023-28229	Microsoft Windows CNG Key Isolation Service	Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that …	ALTA	2023-10-04
CVE-2023-4211	Arm Mali GPU Kernel Driver	Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that allows a local, non-privileged user to make imp…	MEDIA	2023-10-03
CVE-2023-5217	Google Chromium libvpx	Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to p…	ALTA	2023-10-02
CVE-2018-14667	Red Hat JBoss RichFaces Framework	Red Hat JBoss RichFaces Framework contains an expression language injection vulnerability via the UserResource resource…	CRÍTICA	2023-09-28
CVE-2023-41991	Apple Multiple Products	Apple iOS, iPadOS, macOS, and watchOS contain an improper certificate validation vulnerability that can allow a malicio…	MEDIA	2023-09-25
CVE-2023-41992	Apple Multiple Products	Apple iOS, iPadOS, macOS, and watchOS contain an unspecified vulnerability that allows for local privilege escalation.	ALTA	2023-09-25
CVE-2023-41993	Apple Multiple Products	Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when proc…	ALTA	2023-09-25
CVE-2023-41179	Trend Micro Apex One and Worry-Free Business Security	Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-viru…	ALTA	2023-09-21
CVE-2023-28434	MinIO MinIO	MinIO contains a security feature bypass vulnerability that allows an attacker to use crafted requests to bypass metada…	ALTA	2023-09-19
CVE-2022-22265	Samsung Mobile Devices	Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write…	MEDIA	2023-09-18
CVE-2014-8361	Realtek SDK	Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attacker…	CRÍTICA	2023-09-18
CVE-2017-6884	Zyxel EMG2926 Routers	Zyxel EMG2926 routers contain a command injection vulnerability located in the diagnostic tools, specifically the nsloo…	ALTA	2023-09-18
CVE-2021-3129	Laravel Ignition	Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious…	CRÍTICA	2023-09-18
CVE-2023-26369	Adobe Acrobat and Reader	Adobe Acrobat and Reader contains an out-of-bounds write vulnerability that allows for code execution.	ALTA	2023-09-14
CVE-2023-35674	Android Framework	Android Framework contains an unspecified vulnerability that allows for privilege escalation.	ALTA	2023-09-13
CVE-2023-20269	Cisco Adaptive Security Appliance and Firepower Threat Defense	Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could …	MEDIA	2023-09-13
CVE-2023-4863	Google Chromium WebP	Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an ou…	ALTA	2023-09-13
CVE-2023-36761	Microsoft Word	Microsoft Word contains an unspecified vulnerability that allows for information disclosure.	MEDIA	2023-09-12
CVE-2023-36802	Microsoft Streaming Service Proxy	Microsoft Streaming Service Proxy contains an unspecified vulnerability that allows for privilege escalation.	ALTA	2023-09-12
CVE-2023-41064	Apple iOS, iPadOS, and macOS	Apple iOS, iPadOS, and macOS contain a buffer overflow vulnerability in ImageIO when processing a maliciously crafted i…	ALTA	2023-09-11
CVE-2023-41061	Apple iOS, iPadOS, and watchOS	Apple iOS, iPadOS, and watchOS contain an unspecified vulnerability due to a validation issue affecting Wallet in which…	ALTA	2023-09-11
CVE-2023-33246	Apache RocketMQ	Several components of Apache RocketMQ, including NameServer, Broker, and Controller, are exposed to the extranet and la…	CRÍTICA	2023-09-06

← Anterior Página 24 / 64 (1587 CVEs total) Siguiente →