CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

14
CVEs añadidos este mes
1543
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09
CVE-2017-7921 Hikvision Multiple Products CRÍTICA 2026-03-05
CVE-2021-22681 Rockwell Multiple Products CRÍTICA 2026-03-05
CVE-2023-43000 Apple Multiple Products ALTA 2026-03-05

// top_vendors_afectados

Microsoft
14
Apple
6
Google
5
Cisco
4
Fortinet
4
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3
Ivanti
2

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2014-3120 Elastic Elasticsearch Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java c… ALTA 2022-03-25
CVE-2014-0130 Rails Ruby on Rails Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation i… ALTA 2022-03-25
CVE-2013-5223 D-Link DSL-2760U A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users … MEDIA 2022-03-25
CVE-2013-4810 Hewlett Packard (HP) ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attac… CRÍTICA 2022-03-25
CVE-2013-2251 Apache Struts Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions. CRÍTICA 2022-03-25
CVE-2012-1823 PHP PHP sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remot… CRÍTICA 2022-03-25
CVE-2010-4345 Exim Exim Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate c… ALTA 2022-03-25
CVE-2010-4344 Exim Exim Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to ex… CRÍTICA 2022-03-25
CVE-2010-3035 Cisco IOS XR Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS). ALTA 2022-03-25
CVE-2010-2861 Adobe ColdFusion A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attacke… CRÍTICA 2022-03-25
CVE-2009-2055 Cisco IOS XR Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS). MEDIA 2022-03-25
CVE-2009-1151 phpMyAdmin phpMyAdmin Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in… CRÍTICA 2022-03-25
CVE-2009-0927 Adobe Reader and Acrobat Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code. ALTA 2022-03-25
CVE-2005-2773 Hewlett Packard (HP) OpenView Network Node Manager HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system. CRÍTICA 2022-03-25
CVE-2020-5135 SonicWall SonicOS A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially ex… CRÍTICA 2022-03-15
CVE-2019-1405 Microsoft Windows A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation. ALTA 2022-03-15
CVE-2019-1322 Microsoft Windows A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who su… ALTA 2022-03-15
CVE-2019-1315 Microsoft Windows A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An atta… ALTA 2022-03-15
CVE-2019-1253 Microsoft Windows A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions. ALTA 2022-03-15
CVE-2019-1132 Microsoft Win32k A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in me… ALTA 2022-03-15
CVE-2019-1129 Microsoft Windows A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who success… ALTA 2022-03-15
CVE-2019-1069 Microsoft Task Scheduler A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations. ALTA 2022-03-15
CVE-2019-1064 Microsoft Windows A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who success… ALTA 2022-03-15
CVE-2019-0841 Microsoft Windows A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who success… ALTA 2022-03-15
CVE-2019-0543 Microsoft Windows A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who su… ALTA 2022-03-15
← Anterior Página 42 / 62 (1543 CVEs total) Siguiente →
[INFO] Nueve fallos críticos de KVM IP permiten el acceso root no autenticado en cuatro proveedores...  ·  [INFO] Claude Code Security y Magecart: Cómo definir bien el modelo de amenazas...  ·  [INFO] Tutorial del producto: Cómo Mesh CSMA revela y rompe los caminos de ataque hacia Crown Jewels...  ·  [INFO] El error CVE-2026-3888 de Ubuntu permite a los atacantes hacerse con el root mediante el exploit de sincronización de limpieza de ...  ·  [INFO] Una falla crítica de Telnetd sin parches (CVE-2026-32746) permite la RCE raíz no autenticada a través del puerto 23...  ·  [INFO] Nueve fallos críticos de KVM IP permiten el acceso root no autenticado en cuatro proveedores...  ·  [INFO] Claude Code Security y Magecart: Cómo definir bien el modelo de amenazas...  ·  [INFO] Tutorial del producto: Cómo Mesh CSMA revela y rompe los caminos de ataque hacia Crown Jewels...  ·  [INFO] El error CVE-2026-3888 de Ubuntu permite a los atacantes hacerse con el root mediante el exploit de sincronización de limpieza de ...  ·  [INFO] Una falla crítica de Telnetd sin parches (CVE-2026-32746) permite la RCE raíz no autenticada a través del puerto 23...  ·