// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2016-0189	Microsoft Internet Explorer	The Microsoft JScript nd VBScript engines, as used in Internet Explorer and other products, allow attackers to execute …	ALTA	2022-03-28
CVE-2016-0151	Microsoft Client-Server Run-time Subsystem (CSRSS)	The Client-Server Run-time Subsystem (CSRSS) in Microsoft mismanages process tokens, which allows local users to gain p…	ALTA	2022-03-28
CVE-2016-0040	Microsoft Windows	The kernel in Microsoft Windows allows local users to gain privileges via a crafted application.	ALTA	2022-03-28
CVE-2015-2426	Microsoft Windows	A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperl…	ALTA	2022-03-28
CVE-2015-2419	Microsoft Internet Explorer	JScript in Microsoft Internet Explorer allows remote attackers to execute remote code or cause a denial of service (mem…	ALTA	2022-03-28
CVE-2015-1770	Microsoft Office	Microsoft Office allows remote attackers to execute arbitrary code via a crafted Office document.	ALTA	2022-03-28
CVE-2013-3660	Microsoft Win32k	The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize…	ALTA	2022-03-28
CVE-2013-2729	Adobe Reader and Acrobat	Integer overflow vulnerability in Adobe Reader and Acrobat allows attackers to execute remote code.	CRÍTICA	2022-03-28
CVE-2013-2551	Microsoft Internet Explorer	Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute remote code via a crafte…	ALTA	2022-03-28
CVE-2013-2465	Oracle Java SE	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to …	CRÍTICA	2022-03-28
CVE-2013-1690	Mozilla Firefox and Thunderbird	Mozilla Firefox and Thunderbird do not properly handle onreadystatechange events in conjunction with page reloading, wh…	ALTA	2022-03-28
CVE-2012-5076	Oracle Java SE	The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and co…	CRÍTICA	2022-03-28
CVE-2012-2539	Microsoft Word	Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.	ALTA	2022-03-28
CVE-2012-2034	Adobe Flash Player	Adobe Flash Player contains a memory corruption vulnerability that allows for remote code execution or denial-of-servic…	ALTA	2022-03-28
CVE-2012-0518	Oracle Fusion Middleware	Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows …	MEDIA	2022-03-28
CVE-2011-2005	Microsoft Ancillary Function Driver (afd.sys)	afd.sys in the Ancillary Function Driver in Microsoft Windows does not properly validate user-mode input passed to kern…	ALTA	2022-03-28
CVE-2010-4398	Microsoft Windows	Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local user…	ALTA	2022-03-28
CVE-2022-26318	WatchGuard Firebox and XTM Appliances	On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code.	CRÍTICA	2022-03-25
CVE-2022-26143	Mitel MiCollab, MiVoice Business Express	A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain u…	CRÍTICA	2022-03-25
CVE-2022-21999	Microsoft Windows	Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.	ALTA	2022-03-25
CVE-2021-42237	Sitecore XP	Sitcore XP contains an insecure deserialization vulnerability which can allow for remote code execution.	CRÍTICA	2022-03-25
CVE-2021-22941	Citrix ShareFile	Improper Access Control in Citrix ShareFile storage zones controller may allow an unauthenticated attacker to remotely …	CRÍTICA	2022-03-25
CVE-2020-9377	D-Link DIR-610 Devices	D-Link DIR-610 devices allow remote code execution via the cmd parameter to command.php.	ALTA	2022-03-25
CVE-2020-9054	Zyxel Multiple Network-Attached Storage (NAS) Devices	Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, whi…	CRÍTICA	2022-03-25
CVE-2020-7247	OpenBSD OpenSMTPD	smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute…	CRÍTICA	2022-03-25

← Anterior Página 41 / 64 (1587 CVEs total) Siguiente →