// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2019-20500	D-Link DWL-2600AP Access Point	D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration fun…	ALTA	2023-06-29
CVE-2021-25487	Samsung Mobile Devices	Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of b…	ALTA	2023-06-29
CVE-2021-25489	Samsung Mobile Devices	Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that result…	BAJA	2023-06-29
CVE-2021-25394	Samsung Mobile Devices	Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-f…	MEDIA	2023-06-29
CVE-2021-25395	Samsung Mobile Devices	Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-f…	MEDIA	2023-06-29
CVE-2021-25371	Samsung Mobile Devices	Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF librari…	MEDIA	2023-06-29
CVE-2021-25372	Samsung Mobile Devices	Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds…	MEDIA	2023-06-29
CVE-2023-32434	Apple Multiple Products	Apple iOS. iPadOS, macOS, and watchOS contain an integer overflow vulnerability that could allow an application to exec…	ALTA	2023-06-23
CVE-2023-32435	Apple Multiple Products	Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when…	ALTA	2023-06-23
CVE-2023-32439	Apple Multiple Products	Apple iOS, iPadOS, macOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when pr…	ALTA	2023-06-23
CVE-2023-20867	VMware Tools	VMware Tools contains an authentication bypass vulnerability in the vgauth module. A fully compromised ESXi host can fo…	BAJA	2023-06-23
CVE-2023-27992	Zyxel Multiple Network-Attached Storage (NAS) Devices	Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability that…	CRÍTICA	2023-06-23
CVE-2023-20887	VMware Aria Operations for Networks	VMware Aria Operations for Networks (formerly vRealize Network Insight) contains a command injection vulnerability that…	CRÍTICA	2023-06-22
CVE-2020-35730	Roundcube Roundcube Webmail	Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows an attacker to send a plain text e-ma…	MEDIA	2023-06-22
CVE-2020-12641	Roundcube Roundcube Webmail	Roundcube Webmail contains an remote code execution vulnerability that allows attackers to execute code via shell metac…	CRÍTICA	2023-06-22
CVE-2021-44026	Roundcube Roundcube Webmail	Roundcube Webmail is vulnerable to SQL injection via search or search_params.	CRÍTICA	2023-06-22
CVE-2016-9079	Mozilla Firefox, Firefox ESR, and Thunderbird	Mozilla Firefox, Firefox ESR, and Thunderbird contain a use-after-free vulnerability in SVG Animation, targeting Firefo…	ALTA	2023-06-22
CVE-2016-0165	Microsoft Win32k	Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.	ALTA	2023-06-22
CVE-2023-27997	Fortinet FortiOS and FortiProxy SSL-VPN	Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthent…	CRÍTICA	2023-06-13
CVE-2023-3079	Google Chromium V8	Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit …	ALTA	2023-06-07
CVE-2023-33009	Zyxel Multiple Firewalls	Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerabilit…	CRÍTICA	2023-06-05
CVE-2023-33010	Zyxel Multiple Firewalls	Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerabilit…	CRÍTICA	2023-06-05
CVE-2023-34362	Progress MOVEit Transfer	Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain un…	CRÍTICA	2023-06-02
CVE-2023-28771	Zyxel Multiple Firewalls	Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG firewalls allow for improper error message handling which could allow an unaut…	CRÍTICA	2023-05-31
CVE-2023-2868	Barracuda Networks Email Security Gateway (ESG) Appliance	Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied…	CRÍTICA	2023-05-26

← Anterior Página 26 / 64 (1587 CVEs total) Siguiente →