// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2011-1823	Android Android OS	The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to …	ALTA	2022-09-08
CVE-2022-26352	dotCMS dotCMS	dotCMS ContentResource API contains an unrestricted upload of file with a dangerous type vulnerability that allows for …	CRÍTICA	2022-08-25
CVE-2022-24706	Apache CouchDB	Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to esc…	CRÍTICA	2022-08-25
CVE-2022-24112	Apache APISIX	Apache APISIX contains an authentication bypass vulnerability that allows for remote code execution.	CRÍTICA	2022-08-25
CVE-2022-22963	VMware Tanzu Spring Cloud	When using routing functionality in VMware Tanzu's Spring Cloud Function, it is possible for a user to provide a specia…	CRÍTICA	2022-08-25
CVE-2022-2294	WebRTC WebRTC	WebRTC, an open-source project providing web browsers with real-time communication, contains a heap buffer overflow vul…	ALTA	2022-08-25
CVE-2021-39226	Grafana Labs Grafana	Grafana contains an authentication bypass vulnerability that allows authenticated and unauthenticated users to view and…	CRÍTICA	2022-08-25
CVE-2021-38406	Delta Electronics DOPSoft 2	Delta Electronics DOPSoft 2 lacks proper validation of user-supplied data when parsing specific project files (improper…	ALTA	2022-08-25
CVE-2021-31010	Apple iOS, macOS, watchOS	In affected versions of Apple iOS, macOS, and watchOS, a sandboxed process may be able to circumvent sandbox restrictio…	ALTA	2022-08-25
CVE-2020-36193	PEAR Archive_Tar	PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links.…	ALTA	2022-08-25
CVE-2020-28949	PEAR Archive_Tar	PEAR Archive_Tar allows an unserialization attack because phar: is blocked but PHAR: is not blocked. PEAR stands for PH…	ALTA	2022-08-25
CVE-2022-0028	Palo Alto Networks PAN-OS	A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct refle…	ALTA	2022-08-22
CVE-2022-22536	SAP Multiple Products	SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server and SAP…	CRÍTICA	2022-08-18
CVE-2022-32894	Apple iOS and macOS	Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow an application to execute code with k…	ALTA	2022-08-18
CVE-2022-32893	Apple iOS and macOS	Apple iOS and macOS contain an out-of-bounds write vulnerability that could allow for remote code execution when proces…	ALTA	2022-08-18
CVE-2022-2856	Google Chromium Intents	Google Chromium Intents contains an insufficient validation of untrusted input vulnerability that allows a remote attac…	MEDIA	2022-08-18
CVE-2022-26923	Microsoft Active Directory	An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate fr…	ALTA	2022-08-18
CVE-2022-21971	Microsoft Windows	Microsoft Windows Runtime contains an unspecified vulnerability that allows for remote code execution.	ALTA	2022-08-18
CVE-2017-15944	Palo Alto Networks PAN-OS	Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when…	CRÍTICA	2022-08-18
CVE-2022-27925	Synacor Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) contains flaw in the mboximport functionality, allowing an authenticated attac…	ALTA	2022-08-11
CVE-2022-37042	Synacor Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) contains an authentication bypass vulnerability in MailboxImportServlet. This …	CRÍTICA	2022-08-11
CVE-2022-34713	Microsoft Windows	A remote code execution vulnerability exists when Microsoft Windows MSDT is called using the URL protocol from a callin…	ALTA	2022-08-09
CVE-2022-30333	RARLAB UnRAR	RARLAB UnRAR on Linux and UNIX contains a directory traversal vulnerability, allowing an attacker to write to files dur…	ALTA	2022-08-09
CVE-2022-27924	Synacor Zimbra Collaboration Suite (ZCS)	Synacor Zimbra Collaboration Suite (ZCS) allows an attacker to inject memcache commands into a targeted instance which …	ALTA	2022-08-04
CVE-2022-26138	Atlassian Confluence	Atlassian Questions For Confluence App has hard-coded credentials, exposing the username and password in plaintext. A r…	CRÍTICA	2022-07-29

← Anterior Página 32 / 64 (1587 CVEs total) Siguiente →