// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2022-44698	Microsoft Defender	Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade M…	MEDIA	2022-12-13
CVE-2022-27518	Citrix Application Delivery Controller (ADC) and Gateway	Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an…	CRÍTICA	2022-12-13
CVE-2022-26500	Veeam Backup & Replication	The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal …	ALTA	2022-12-13
CVE-2022-26501	Veeam Backup & Replication	The Veeam Distribution Service in the Backup & Replication application allows unauthenticated users to access internal …	CRÍTICA	2022-12-13
CVE-2022-4262	Google Chromium V8	Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit …	ALTA	2022-12-05
CVE-2021-35587	Oracle Fusion Middleware	Oracle Fusion Middleware Access Manager allows an unauthenticated attacker with network access via HTTP to takeover the…	CRÍTICA	2022-11-28
CVE-2022-4135	Google Chromium GPU	Google Chromium GPU contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised th…	CRÍTICA	2022-11-28
CVE-2022-41049	Microsoft Windows	Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss o…	MEDIA	2022-11-14
CVE-2022-41091	Microsoft Windows	Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss o…	MEDIA	2022-11-08
CVE-2022-41073	Microsoft Windows	Microsoft Windows Print Spooler contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level priv…	ALTA	2022-11-08
CVE-2022-41125	Microsoft Windows	Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that …	ALTA	2022-11-08
CVE-2022-41128	Microsoft Windows	Microsoft Windows contains an unspecified vulnerability in the JScript9 scripting language which allows for remote code…	ALTA	2022-11-08
CVE-2021-25337	Samsung Mobile Devices	Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted app…	MEDIA	2022-11-08
CVE-2021-25369	Samsung Mobile Devices	Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation o…	MEDIA	2022-11-08
CVE-2021-25370	Samsung Mobile Devices	Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This …	MEDIA	2022-11-08
CVE-2022-3723	Google Chromium V8	Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit …	ALTA	2022-10-28
CVE-2022-42827	Apple iOS and iPadOS	Apple iOS and iPadOS kernel contain an out-of-bounds write vulnerability which can allow an application to perform code…	ALTA	2022-10-25
CVE-2020-3433	Cisco AnyConnect Secure	Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient va…	ALTA	2022-10-24
CVE-2020-3153	Cisco AnyConnect Secure	Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with …	MEDIA	2022-10-24
CVE-2018-19323	GIGABYTE Multiple Products	The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU…	CRÍTICA	2022-10-24
CVE-2018-19322	GIGABYTE Multiple Products	The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU…	ALTA	2022-10-24
CVE-2018-19321	GIGABYTE Multiple Products	The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU…	ALTA	2022-10-24
CVE-2018-19320	GIGABYTE Multiple Products	The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes r…	ALTA	2022-10-24
CVE-2022-41352	Synacor Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) allows an attacker to upload arbitrary files using cpio package to gain incorr…	CRÍTICA	2022-10-20
CVE-2021-3493	Linux Kernel	The overlayfs stacking file system in Linux kernel does not properly validate the application of file capabilities agai…	ALTA	2022-10-20

← Anterior Página 30 / 64 (1587 CVEs total) Siguiente →