CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2014-0546 Adobe Reader and Acrobat Adobe Reader and Acrobat on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute … CRÍTICA 2022-05-25
CVE-2014-2817 Microsoft Internet Explorer Microsoft Internet Explorer cotains an unspecified vulnerability that allows remote attackers to gain privileges via a … ALTA 2022-05-25
CVE-2014-4077 Microsoft Input Method Editor (IME) Japanese Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows syst… ALTA 2022-05-25
CVE-2014-3153 Linux Kernel The futex_requeue function in kernel/futex.c in Linux kernel does not ensure that calls have two different futex addres… ALTA 2022-05-25
CVE-2013-7331 Microsoft Internet Explorer An information disclosure vulnerability exists in Internet Explorer which allows resources loaded into memory to be que… MEDIA 2022-05-25
CVE-2013-3993 IBM InfoSphere BigInsights Certain APIs within BigInsights can take invalid input that might allow attackers unauthorized access to read, write, m… MEDIA 2022-05-25
CVE-2013-3896 Microsoft Silverlight Microsoft Silverlight does not properly validate pointers during access to Silverlight elements, which allows remote at… MEDIA 2022-05-25
CVE-2013-2423 Oracle Java Runtime Environment (JRE) Unspecified vulnerability in hotspot for Java Runtime Environment (JRE) allows remote attackers to affect integrity. BAJA 2022-05-25
CVE-2013-0431 Oracle Java Runtime Environment (JRE) Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle allows remote attackers to bypass t… MEDIA 2022-05-25
CVE-2013-0422 Oracle Java Runtime Environment (JRE) A vulnerability in the way Java restricts the permissions of Java applets could allow an attacker to execute commands o… CRÍTICA 2022-05-25
CVE-2013-0074 Microsoft Silverlight Microsoft Silverlight does not properly validate pointers during HTML object rendering, which allows remote attackers t… ALTA 2022-05-25
CVE-2012-1710 Oracle Fusion Middleware Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware allows remote… CRÍTICA 2022-05-25
CVE-2010-1428 Red Hat JBoss Unauthenticated access to the JBoss Application Server Web Console (/web-console) is blocked by default. However, it wa… ALTA 2022-05-25
CVE-2010-0840 Oracle Java Runtime Environment (JRE) Unspecified vulnerability in the Java Runtime Environment (JRE) in Java SE component allows remote attackers to affect … CRÍTICA 2022-05-25
CVE-2010-0738 Red Hat JBoss The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control onl… MEDIA 2022-05-25
CVE-2018-8611 Microsoft Windows A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. ALTA 2022-05-24
CVE-2018-19953 QNAP Network Attached Storage (NAS) A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious c… MEDIA 2022-05-24
CVE-2018-19949 QNAP Network Attached Storage (NAS) A command injection vulnerability affecting QNAP NAS File Station could allow remote attackers to run commands. CRÍTICA 2022-05-24
CVE-2018-19943 QNAP Network Attached Storage (NAS) A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious c… ALTA 2022-05-24
CVE-2017-0147 Microsoft SMBv1 server The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a… ALTA 2022-05-24
CVE-2017-0022 Microsoft XML Core Services Microsoft XML Core Services (MSXML) improperly handles objects in memory, allowing attackers to test for files on disk … MEDIA 2022-05-24
CVE-2017-0005 Microsoft Windows The Graphics Device Interface (GDI) in Microsoft Windows allows local users to gain privileges via a crafted applicatio… ALTA 2022-05-24
CVE-2017-0149 Microsoft Internet Explorer Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or … ALTA 2022-05-24
CVE-2017-0210 Microsoft Internet Explorer A privilege escalation vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, whi… ALTA 2022-05-24
CVE-2017-8291 Artifex Ghostscript Artifex Ghostscript allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFil… ALTA 2022-05-24
← Anterior Página 34 / 62 (1543 CVEs total) Siguiente →
[INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·  [INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] El ransomware LeakNet usa ClickFix a través de sitios pirateados e implementa el cargador en memoria Deno...  ·  [INFO] La IA está en todas partes, pero los CISO siguen protegiéndola con las habilidades y herramientas de ayer, según un estudio...  ·  [INFO] Konni implementa EndRAT mediante suplantación de identidad y usa KakaoTalk para propagar malware...  ·  [INFO] La CISA señala la vulnerabilidad Wing FTP explotada activamente que filtra las rutas de los servidores...  ·