CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2018-8405 Microsoft DirectX Graphics Kernel (DXGKRNL) An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles obj… ALTA 2022-03-28
CVE-2017-0213 Microsoft Windows Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted app… ALTA 2022-03-28
CVE-2017-0059 Microsoft Internet Explorer Microsoft Internet Explorer allow remote attackers to obtain sensitive information from process memory via a crafted we… MEDIA 2022-03-28
CVE-2017-0037 Microsoft Edge and Internet Explorer Microsoft Edge and Internet Explorer have a type confusion vulnerability in mshtml.dll, which allows remote code execut… ALTA 2022-03-28
CVE-2016-7201 Microsoft Edge The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a deni… ALTA 2022-03-28
CVE-2016-7200 Microsoft Edge The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a deni… ALTA 2022-03-28
CVE-2016-0189 Microsoft Internet Explorer The Microsoft JScript nd VBScript engines, as used in Internet Explorer and other products, allow attackers to execute … ALTA 2022-03-28
CVE-2016-0151 Microsoft Client-Server Run-time Subsystem (CSRSS) The Client-Server Run-time Subsystem (CSRSS) in Microsoft mismanages process tokens, which allows local users to gain p… ALTA 2022-03-28
CVE-2016-0040 Microsoft Windows The kernel in Microsoft Windows allows local users to gain privileges via a crafted application. ALTA 2022-03-28
CVE-2015-2426 Microsoft Windows A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperl… ALTA 2022-03-28
CVE-2015-2419 Microsoft Internet Explorer JScript in Microsoft Internet Explorer allows remote attackers to execute remote code or cause a denial of service (mem… ALTA 2022-03-28
CVE-2015-1770 Microsoft Office Microsoft Office allows remote attackers to execute arbitrary code via a crafted Office document. ALTA 2022-03-28
CVE-2013-3660 Microsoft Win32k The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize… ALTA 2022-03-28
CVE-2013-2729 Adobe Reader and Acrobat Integer overflow vulnerability in Adobe Reader and Acrobat allows attackers to execute remote code. CRÍTICA 2022-03-28
CVE-2013-2551 Microsoft Internet Explorer Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute remote code via a crafte… ALTA 2022-03-28
CVE-2013-2465 Oracle Java SE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to … CRÍTICA 2022-03-28
CVE-2013-1690 Mozilla Firefox and Thunderbird Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, wh… ALTA 2022-03-28
CVE-2012-5076 Oracle Java SE The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and co… CRÍTICA 2022-03-28
CVE-2012-2539 Microsoft Word Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data. ALTA 2022-03-28
CVE-2012-2034 Adobe Flash Player Adobe Flash Player contains a memory corruption vulnerability that allows for remote code execution or denial-of-servic… ALTA 2022-03-28
CVE-2012-0518 Oracle Fusion Middleware Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows … MEDIA 2022-03-28
CVE-2011-2005 Microsoft Ancillary Function Driver (afd.sys) afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kern… ALTA 2022-03-28
CVE-2010-4398 Microsoft Windows Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local user… ALTA 2022-03-28
CVE-2022-26318 WatchGuard Firebox and XTM Appliances On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code. CRÍTICA 2022-03-25
CVE-2022-26143 Mitel MiCollab, MiVoice Business Express A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain u… CRÍTICA 2022-03-25
← Anterior Página 39 / 62 (1543 CVEs total) Siguiente →
[INFO] Tutorial del producto: Cómo Mesh CSMA revela y rompe los caminos de ataque hacia Crown Jewels...  ·  [INFO] El error CVE-2026-3888 de Ubuntu permite a los atacantes hacerse con el root mediante el exploit de sincronización de limpieza de ...  ·  [INFO] Una falla crítica de Telnetd sin parches (CVE-2026-32746) permite la RCE raíz no autenticada a través del puerto 23...  ·  [INFO] Apple corrige la vulnerabilidad de WebKit que permite eludir políticas del mismo origen en iOS y macOS...  ·  [INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·  [INFO] Tutorial del producto: Cómo Mesh CSMA revela y rompe los caminos de ataque hacia Crown Jewels...  ·  [INFO] El error CVE-2026-3888 de Ubuntu permite a los atacantes hacerse con el root mediante el exploit de sincronización de limpieza de ...  ·  [INFO] Una falla crítica de Telnetd sin parches (CVE-2026-32746) permite la RCE raíz no autenticada a través del puerto 23...  ·  [INFO] Apple corrige la vulnerabilidad de WebKit que permite eludir políticas del mismo origen en iOS y macOS...  ·  [INFO] Las fallas de inteligencia artificial en Amazon Bedrock, LangSmith y SGLang permiten la exfiltración de datos y el RCE...  ·