CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2018-19323 GIGABYTE Multiple Products The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU… CRÍTICA 2022-10-24
CVE-2018-19322 GIGABYTE Multiple Products The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU… ALTA 2022-10-24
CVE-2018-19321 GIGABYTE Multiple Products The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU… ALTA 2022-10-24
CVE-2018-19320 GIGABYTE Multiple Products The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes r… ALTA 2022-10-24
CVE-2022-41352 Synacor Zimbra Collaboration Suite (ZCS) Synacor Zimbra Collaboration Suite (ZCS) allows an attacker to upload arbitrary files using cpio package to gain incorr… CRÍTICA 2022-10-20
CVE-2021-3493 Linux Kernel The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities agai… ALTA 2022-10-20
CVE-2022-40684 Fortinet Multiple Products Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an… CRÍTICA 2022-10-11
CVE-2022-41033 Microsoft Windows COM+ Event System Service Microsoft Windows COM+ Event System Service contains an unspecified vulnerability that allows for privilege escalation. ALTA 2022-10-11
CVE-2022-41082 Microsoft Exchange Server Microsoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Du… ALTA 2022-09-30
CVE-2022-41040 Microsoft Exchange Server Microsoft Exchange Server allows for server-side request forgery. Dubbed "ProxyNotShell," this vulnerability is chainab… ALTA 2022-09-30
CVE-2022-36804 Atlassian Bitbucket Server and Data Center Multiple API endpoints of Atlassian Bitbucket Server and Data Center contain a command injection vulnerability where an… ALTA 2022-09-30
CVE-2022-3236 Sophos Firewall A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution. CRÍTICA 2022-09-23
CVE-2022-35405 Zoho ManageEngine Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability that allow… CRÍTICA 2022-09-22
CVE-2022-40139 Trend Micro Apex One and Apex One as a Service Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that cou… ALTA 2022-09-15
CVE-2013-6282 Linux Kernel The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM … ALTA 2022-09-15
CVE-2013-2597 Code Aurora ACDB Audio Driver The Code Aurora audio calibration database (acdb) audio driver contains a stack-based buffer overflow vulnerability tha… ALTA 2022-09-15
CVE-2013-2596 Linux Kernel Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability that allows for privi… ALTA 2022-09-15
CVE-2013-2094 Linux Kernel Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the p… ALTA 2022-09-15
CVE-2010-2568 Microsoft Windows Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating sys… ALTA 2022-09-15
CVE-2022-37969 Microsoft Windows Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege … ALTA 2022-09-14
CVE-2022-32917 Apple iOS, iPadOS, and macOS Apple kernel, which is included in iOS, iPadOS, and macOS, contains an unspecified vulnerability where an application m… ALTA 2022-09-14
CVE-2022-3075 Google Chromium Mojo Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has comp… CRÍTICA 2022-09-08
CVE-2022-27593 QNAP Photo Station Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource … CRÍTICA 2022-09-08
CVE-2022-26258 D-Link DIR-820L D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code… CRÍTICA 2022-09-08
CVE-2020-9934 Apple iOS, iPadOS, and macOS Apple iOS, iPadOS, and macOS contain an unspecified vulnerability involving input validation which can allow a local at… MEDIA 2022-09-08
← Anterior Página 29 / 62 (1543 CVEs total) Siguiente →
[INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·