// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2013-3896	Microsoft Silverlight	Microsoft Silverlight does not properly validate pointers during access to Silverlight elements, which allows remote at…	MEDIA	2022-05-25
CVE-2013-2423	Oracle Java Runtime Environment (JRE)	Unspecified vulnerability in hotspot for Java Runtime Environment (JRE) allows remote attackers to affect integrity.	BAJA	2022-05-25
CVE-2013-0431	Oracle Java Runtime Environment (JRE)	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle allows remote attackers to bypass t…	MEDIA	2022-05-25
CVE-2013-0422	Oracle Java Runtime Environment (JRE)	A vulnerability in the way Java restricts the permissions of Java applets could allow an attacker to execute commands o…	CRÍTICA	2022-05-25
CVE-2013-0074	Microsoft Silverlight	Microsoft Silverlight does not properly validate pointers during HTML object rendering, which allows remote attackers t…	ALTA	2022-05-25
CVE-2012-1710	Oracle Fusion Middleware	Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware allows remote…	CRÍTICA	2022-05-25
CVE-2010-1428	Red Hat JBoss	Unauthenticated access to the JBoss Application Server Web Console (/web-console) is blocked by default. However, it wa…	ALTA	2022-05-25
CVE-2010-0840	Oracle Java Runtime Environment (JRE)	Unspecified vulnerability in the Java Runtime Environment (JRE) in Java SE component allows remote attackers to affect …	CRÍTICA	2022-05-25
CVE-2010-0738	Red Hat JBoss	The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform performs access control onl…	MEDIA	2022-05-25
CVE-2018-8611	Microsoft Windows	A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory.	ALTA	2022-05-24
CVE-2018-19953	QNAP Network Attached Storage (NAS)	A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious c…	MEDIA	2022-05-24
CVE-2018-19949	QNAP Network Attached Storage (NAS)	A command injection vulnerability affecting QNAP NAS File Station could allow remote attackers to run commands.	CRÍTICA	2022-05-24
CVE-2018-19943	QNAP Network Attached Storage (NAS)	A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious c…	ALTA	2022-05-24
CVE-2017-0147	Microsoft SMBv1 server	The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a…	ALTA	2022-05-24
CVE-2017-0022	Microsoft XML Core Services	Microsoft XML Core Services (MSXML) improperly handles objects in memory, allowing attackers to test for files on disk …	MEDIA	2022-05-24
CVE-2017-0005	Microsoft Windows	The Graphics Device Interface (GDI) in Microsoft Windows allows local users to gain privileges via a crafted applicatio…	ALTA	2022-05-24
CVE-2017-0149	Microsoft Internet Explorer	Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or …	ALTA	2022-05-24
CVE-2017-0210	Microsoft Internet Explorer	A privilege escalation vulnerability exists when Internet Explorer does not properly enforce cross-domain policies, whi…	ALTA	2022-05-24
CVE-2017-8291	Artifex Ghostscript	Artifex Ghostscript allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFil…	ALTA	2022-05-24
CVE-2017-8543	Microsoft Windows	Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects…	CRÍTICA	2022-05-24
CVE-2017-18362	Kaseya Virtual System/Server Administrator (VSA)	ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full d…	CRÍTICA	2022-05-24
CVE-2016-0162	Microsoft Internet Explorer	An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerab…	MEDIA	2022-05-24
CVE-2016-3351	Microsoft Internet Explorer and Edge	An information disclosure vulnerability exists in the way that certain functions in Internet Explorer and Edge handle o…	MEDIA	2022-05-24
CVE-2016-4655	Apple iOS	The Apple iOS kernel allows attackers to obtain sensitive information from memory via a crafted application.	MEDIA	2022-05-24
CVE-2016-4656	Apple iOS	A memory corruption vulnerability in Apple iOS kernel allows attackers to execute code in a privileged context or cause…	ALTA	2022-05-24

← Anterior Página 36 / 64 (1587 CVEs total) Siguiente →