CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2018-14839 LG N1A1 NAS LG N1A1 NAS 3718.510 is affected by a remote code execution vulnerability. CRÍTICA 2022-03-25
CVE-2018-1273 VMware Tanzu Spring Data Commons Spring Data Commons contains a property binder vulnerability which can allow an attacker to perform remote code executi… CRÍTICA 2022-03-25
CVE-2018-11138 Quest KACE System Management Appliance The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance is accessible by anonym… CRÍTICA 2022-03-25
CVE-2018-0147 Cisco Secure Access Control System (ACS) A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated… CRÍTICA 2022-03-25
CVE-2018-0125 Cisco VPN Routers A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execut… CRÍTICA 2022-03-25
CVE-2017-6334 NETGEAR DGN2200 Devices dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute a… ALTA 2022-03-25
CVE-2017-6316 Citrix NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edit… CRÍTICA 2022-03-25
CVE-2017-3881 Cisco IOS and IOS XE A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software c… CRÍTICA 2022-03-25
CVE-2017-12617 Apache Tomcat When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP… ALTA 2022-03-25
CVE-2017-12615 Apache Tomcat When running Apache Tomcat on Windows with HTTP PUTs enabled, it is possible to upload a JSP file to the server via a s… ALTA 2022-03-25
CVE-2017-0146 Microsoft Windows The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution. ALTA 2022-03-25
CVE-2016-7892 Adobe Flash Player Adobe Flash Player has an exploitable use-after-free vulnerability in the TextField class. ALTA 2022-03-25
CVE-2016-4171 Adobe Flash Player Unspecified vulnerability in Adobe Flash Player allows for remote code execution. CRÍTICA 2022-03-25
CVE-2016-1555 NETGEAR Wireless Access Point (WAP) Devices Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the comm… CRÍTICA 2022-03-25
CVE-2016-11021 D-Link DCS-930L Devices setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command. ALTA 2022-03-25
CVE-2016-10174 NETGEAR WNR2000v5 Router The NETGEAR WNR2000v5 router contains a buffer overflow which can be exploited to achieve remote code execution. CRÍTICA 2022-03-25
CVE-2016-0752 Rails Ruby on Rails Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files. ALTA 2022-03-25
CVE-2015-4068 Arcserve Unified Data Protection (UDP) Directory traversal vulnerability in Arcserve UDP allows remote attackers to obtain sensitive information or cause a de… CRÍTICA 2022-03-25
CVE-2015-3035 TP-Link Multiple Archer Devices Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files vi… ALTA 2022-03-25
CVE-2015-1427 Elastic Elasticsearch The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and exe… CRÍTICA 2022-03-25
CVE-2015-1187 D-Link and TRENDnet Multiple Devices The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution. CRÍTICA 2022-03-25
CVE-2015-0666 Cisco Prime Data Center Network Manager (DCNM) Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remo… ALTA 2022-03-25
CVE-2014-6332 Microsoft Windows OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site. ALTA 2022-03-25
CVE-2014-6324 Microsoft Kerberos Key Distribution Center (KDC) The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain admin… ALTA 2022-03-25
CVE-2014-6287 Rejetto HTTP File Server (HFS) The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attacke… CRÍTICA 2022-03-25
← Anterior Página 41 / 62 (1543 CVEs total) Siguiente →
[INFO] Nueve fallos críticos de KVM IP permiten el acceso root no autenticado en cuatro proveedores...  ·  [INFO] Claude Code Security y Magecart: Cómo definir bien el modelo de amenazas...  ·  [INFO] Tutorial del producto: Cómo Mesh CSMA revela y rompe los caminos de ataque hacia Crown Jewels...  ·  [INFO] El error CVE-2026-3888 de Ubuntu permite a los atacantes hacerse con el root mediante el exploit de sincronización de limpieza de ...  ·  [INFO] Una falla crítica de Telnetd sin parches (CVE-2026-32746) permite la RCE raíz no autenticada a través del puerto 23...  ·  [INFO] Nueve fallos críticos de KVM IP permiten el acceso root no autenticado en cuatro proveedores...  ·  [INFO] Claude Code Security y Magecart: Cómo definir bien el modelo de amenazas...  ·  [INFO] Tutorial del producto: Cómo Mesh CSMA revela y rompe los caminos de ataque hacia Crown Jewels...  ·  [INFO] El error CVE-2026-3888 de Ubuntu permite a los atacantes hacerse con el root mediante el exploit de sincronización de limpieza de ...  ·  [INFO] Una falla crítica de Telnetd sin parches (CVE-2026-32746) permite la RCE raíz no autenticada a través del puerto 23...  ·