// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2010-5330	Ubiquiti AirOS	Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.	CRÍTICA	2022-04-15
CVE-2007-3010	Alcatel OmniPCX Enterprise	masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to…	CRÍTICA	2022-04-15
CVE-2022-22954	VMware Workspace ONE Access and Identity Manager	VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection.	CRÍTICA	2022-04-14
CVE-2022-24521	Microsoft Windows	Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege …	ALTA	2022-04-13
CVE-2018-7602	Drupal Core	A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit m…	CRÍTICA	2022-04-13
CVE-2018-20753	Kaseya Virtual System/Server Administrator (VSA)	Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.	CRÍTICA	2022-04-13
CVE-2015-5123	Adobe Flash Player	Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player a…	CRÍTICA	2022-04-13
CVE-2015-5122	Adobe Flash Player	Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Playe…	CRÍTICA	2022-04-13
CVE-2015-3113	Adobe Flash Player	Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code.	CRÍTICA	2022-04-13
CVE-2015-2502	Microsoft Internet Explorer	Microsoft Internet Explorer contains a memory corruption vulnerability that allows an attacker to execute code or cause…	ALTA	2022-04-13
CVE-2015-0313	Adobe Flash Player	Use-after-free vulnerability in Adobe Flash Player allows remote attackers to execute code.	CRÍTICA	2022-04-13
CVE-2015-0311	Adobe Flash Player	Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute code.	CRÍTICA	2022-04-13
CVE-2014-9163	Adobe Flash Player	Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely.	ALTA	2022-04-13
CVE-2022-23176	WatchGuard Firebox and XTM	WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a…	ALTA	2022-04-11
CVE-2021-42287	Microsoft Active Directory	Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.	ALTA	2022-04-11
CVE-2021-42278	Microsoft Active Directory	Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation.	ALTA	2022-04-11
CVE-2021-39793	Google Pixel	Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalati…	ALTA	2022-04-11
CVE-2021-27852	Checkbox Checkbox Survey	Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote …	CRÍTICA	2022-04-11
CVE-2021-22600	Linux Kernel	Linux Kernel contains a flaw in the packet socket (AF_PACKET) implementation which could lead to incorrectly freeing me…	MEDIA	2022-04-11
CVE-2020-2509	QNAP QNAP Network-Attached Storage (NAS)	QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.	CRÍTICA	2022-04-11
CVE-2017-11317	Telerik User Interface (UI) for ASP.NET AJAX	Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or exe…	CRÍTICA	2022-04-11
CVE-2021-3156	Sudo Sudo	Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalatio…	ALTA	2022-04-06
CVE-2021-31166	Microsoft HTTP Protocol Stack	Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.	CRÍTICA	2022-04-06
CVE-2017-0148	Microsoft SMBv1 server	The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets.	ALTA	2022-04-06
CVE-2022-22965	VMware Spring Framework	Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data bi…	CRÍTICA	2022-04-04

← Anterior Página 39 / 64 (1587 CVEs total) Siguiente →