// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2017-6316	Citrix NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server	A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edit…	CRÍTICA	2022-03-25
CVE-2017-3881	Cisco IOS and IOS XE	A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software c…	CRÍTICA	2022-03-25
CVE-2017-12617	Apache Tomcat	When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP…	ALTA	2022-03-25
CVE-2017-12615	Apache Tomcat	When running Apache Tomcat on Windows with HTTP PUTs enabled, it is possible to upload a JSP file to the server via a s…	ALTA	2022-03-25
CVE-2017-0146	Microsoft Windows	The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.	ALTA	2022-03-25
CVE-2016-7892	Adobe Flash Player	Adobe Flash Player has an exploitable use-after-free vulnerability in the TextField class.	ALTA	2022-03-25
CVE-2016-4171	Adobe Flash Player	Unspecified vulnerability in Adobe Flash Player allows for remote code execution.	CRÍTICA	2022-03-25
CVE-2016-1555	NETGEAR Wireless Access Point (WAP) Devices	Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the comm…	CRÍTICA	2022-03-25
CVE-2016-11021	D-Link DCS-930L Devices	setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command.	ALTA	2022-03-25
CVE-2016-10174	NETGEAR WNR2000v5 Router	The NETGEAR WNR2000v5 router contains a buffer overflow which can be exploited to achieve remote code execution.	CRÍTICA	2022-03-25
CVE-2016-0752	Rails Ruby on Rails	Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files.	ALTA	2022-03-25
CVE-2015-4068	Arcserve Unified Data Protection (UDP)	Directory traversal vulnerability in Arcserve UDP allows remote attackers to obtain sensitive information or cause a de…	CRÍTICA	2022-03-25
CVE-2015-3035	TP-Link Multiple Archer Devices	Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files vi…	ALTA	2022-03-25
CVE-2015-1427	Elastic Elasticsearch	The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and exe…	CRÍTICA	2022-03-25
CVE-2015-1187	D-Link and TRENDnet Multiple Devices	The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution.	CRÍTICA	2022-03-25
CVE-2015-0666	Cisco Prime Data Center Network Manager (DCNM)	Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remo…	ALTA	2022-03-25
CVE-2014-6332	Microsoft Windows	OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.	ALTA	2022-03-25
CVE-2014-6324	Microsoft Kerberos Key Distribution Center (KDC)	The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain admin…	ALTA	2022-03-25
CVE-2014-6287	Rejetto HTTP File Server (HFS)	The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attacke…	CRÍTICA	2022-03-25
CVE-2014-3120	Elastic Elasticsearch	Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java c…	ALTA	2022-03-25
CVE-2014-0130	Rails Ruby on Rails	Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation i…	ALTA	2022-03-25
CVE-2013-5223	D-Link DSL-2760U	A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users …	MEDIA	2022-03-25
CVE-2013-4810	Hewlett Packard (HP) ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management	HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attac…	CRÍTICA	2022-03-25
CVE-2013-2251	Apache Struts	Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions.	CRÍTICA	2022-03-25
CVE-2012-1823	PHP PHP	sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remot…	CRÍTICA	2022-03-25

← Anterior Página 43 / 64 (1587 CVEs total) Siguiente →