// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2021-27104	Accellion FTA	Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endp…	CRÍTICA	2021-11-03
CVE-2021-27102	Accellion FTA	Accellion FTA contains an OS command injection vulnerability exploited via a local web service call.	ALTA	2021-11-03
CVE-2021-27101	Accellion FTA	Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to document_root.…	CRÍTICA	2021-11-03
CVE-2021-27103	Accellion FTA	Accellion FTA contains a server-side request forgery (SSRF) vulnerability exploited via a crafted POST request to wmPro…	CRÍTICA	2021-11-03
CVE-2021-21017	Adobe Acrobat and Reader	Acrobat Acrobat and Reader contain a heap-based buffer overflow vulnerability that could allow an unauthenticated attac…	ALTA	2021-11-03
CVE-2021-28550	Adobe Acrobat and Reader	Adobe Acrobat and Reader contains a use-after-free vulnerability that could allow an unauthenticated attacker to achiev…	ALTA	2021-11-03
CVE-2018-4939	Adobe ColdFusion	Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could allow for code execution.	CRÍTICA	2021-11-03
CVE-2018-15961	Adobe ColdFusion	Adobe ColdFusion contains an unrestricted file upload vulnerability that could allow for code execution.	CRÍTICA	2021-11-03
CVE-2018-4878	Adobe Flash Player	Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.	ALTA	2021-11-03
CVE-2020-5735	Amcrest Cameras and Network Video Recorder (NVR)	Amcrest cameras and NVR contain a stack-based buffer overflow vulnerability through port 37777 that allows an unauthent…	ALTA	2021-11-03
CVE-2019-2215	Android Android Kernel	Android Kernel contains a use-after-free vulnerability in binder.c that allows for privilege escalation from an applica…	ALTA	2021-11-03
CVE-2020-0041	Android Android Kernel	Android Kernel binder_transaction of binder.c contains an out-of-bounds write vulnerability due to an incorrect bounds …	ALTA	2021-11-03
CVE-2020-0069	MediaTek Multiple Chipsets	Multiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions…	ALTA	2021-11-03
CVE-2017-9805	Apache Struts	Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filte…	ALTA	2021-11-03
CVE-2021-42013	Apache HTTP Server	Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if …	CRÍTICA	2021-11-03
CVE-2021-41773	Apache HTTP Server	Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if …	CRÍTICA	2021-11-03
CVE-2019-0211	Apache HTTP Server	Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (in…	ALTA	2021-11-03
CVE-2016-4437	Apache Shiro	Apache Shiro contains a vulnerability which may allow remote attackers to execute code or bypass intended access restri…	CRÍTICA	2021-11-03
CVE-2019-17558	Apache Solr	The Apache Solr VelocityResponseWriter plug-in contains an unspecified vulnerability which can allow for remote code ex…	ALTA	2021-11-03
CVE-2020-17530	Apache Struts	Forced Object-Graph Navigation Language (OGNL) evaluation in Apache Struts, when evaluated on raw user input in tag att…	CRÍTICA	2021-11-03
CVE-2017-5638	Apache Struts	Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote…	CRÍTICA	2021-11-03
CVE-2018-11776	Apache Struts	Apache Struts contains a vulnerability that allows for remote code execution under two circumstances. One, where the al…	ALTA	2021-11-03
CVE-2021-30858	Apple iOS, iPadOS, and macOS	Apple iOS, iPadOS, and macOS WebKit contain a use-after-free vulnerability that leads to code execution when processing…	ALTA	2021-11-03
CVE-2019-6223	Apple iOS and macOS	Apple iOS and macOS Group FaceTime contains an unspecified vulnerability where the call initiator can cause the recipie…	ALTA	2021-11-03
CVE-2021-30860	Apple Multiple Products	Apple iOS, iPadOS, macOS, and watchOS CoreGraphics contain an integer overflow vulnerability which may allow code execu…	ALTA	2021-11-03

← Anterior Página 53 / 64 (1587 CVEs total) Siguiente →