CIBERPLANETA_
// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

  • 🟢 BAJA — 0 CVEs nuevos en el feed reciente
  • 🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
  • 🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
  • 🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

17
CVEs añadidos este mes
1546
Total KEV catalogados
10
Vendors afectados

// cves_añadidos_este_mes

CVE Producto Criticidad Añadido
CVE-2026-20131 Cisco Secure Firewall Management Center (FMC) CRÍTICA 2026-03-19
CVE-2025-66376 Synacor Zimbra Collaboration Suite (ZCS) ALTA 2026-03-18
CVE-2026-20963 Microsoft SharePoint ALTA 2026-03-18
CVE-2025-47813 Wing FTP Server Wing FTP Server MEDIA 2026-03-16
CVE-2026-3910 Google Chromium V8 ALTA 2026-03-13
CVE-2026-3909 Google Skia ALTA 2026-03-13
CVE-2025-68613 n8n n8n CRÍTICA 2026-03-11
CVE-2021-22054 Omnissa Workspace One UEM ALTA 2026-03-09
CVE-2025-26399 SolarWinds Web Help Desk CRÍTICA 2026-03-09
CVE-2026-1603 Ivanti Endpoint Manager (EPM) ALTA 2026-03-09

// top_vendors_afectados

Microsoft
15
Cisco
5
Google
5
Apple
5
Fortinet
4
Synacor
3
SolarWinds
3
Broadcom
3
SmarterTools
3
Gladinet
3

// catalogo_kev_completo

CVE ID Producto Descripción CVSS Añadido
CVE-2019-18935 Progress Telerik UI for ASP.NET AJAX Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload … CRÍTICA 2021-11-03
CVE-2021-22893 Ivanti Pulse Connect Secure Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to ex… CRÍTICA 2021-11-03
CVE-2020-8243 Ivanti Pulse Connect Secure Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authen… ALTA 2021-11-03
CVE-2021-22900 Ivanti Pulse Connect Secure Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrat… ALTA 2021-11-03
CVE-2021-22894 Ivanti Pulse Connect Secure Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authent… ALTA 2021-11-03
CVE-2020-8260 Ivanti Pulse Connect Secure Pulse Connect Secure contains an unspecified vulnerability that allows an authenticated attacker to perform code execut… ALTA 2021-11-03
CVE-2021-22899 Ivanti Pulse Connect Secure Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perfor… ALTA 2021-11-03
CVE-2019-11510 Ivanti Pulse Connect Secure Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacke… CRÍTICA 2021-11-03
CVE-2019-11539 Ivanti Pulse Connect Secure and Pulse Policy Secure Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject a… ALTA 2021-11-03
CVE-2021-1906 Qualcomm Multiple Chipsets Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling o… MEDIA 2021-11-03
CVE-2021-1905 Qualcomm Multiple Chipsets Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multipl… ALTA 2021-11-03
CVE-2020-10221 rConfig rConfig rConfig lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection vulnerability that allows remote attacker… ALTA 2021-11-03
CVE-2021-35395 Realtek AP-Router SDK Realtek AP-Router SDK HTTP web server boa contains a buffer overflow vulnerability due to unsafe copies of some overly … CRÍTICA 2021-11-03
CVE-2017-16651 Roundcube Roundcube Webmail Roundcube Webmail contains a file disclosure vulnerability caused by insufficient input validation in conjunction with … ALTA 2021-11-03
CVE-2020-11652 SaltStack Salt SaltStack Salt contains a path traversal vulnerability in the salt-master process ClearFuncs which allows directory acc… MEDIA 2021-11-03
CVE-2020-11651 SaltStack Salt SaltStack Salt contains an authentication bypass vulnerability in the salt-master process ClearFuncs due to improperly … CRÍTICA 2021-11-03
CVE-2020-16846 SaltStack Salt SaltStack Salt allows an unauthenticated user with network access to the Salt API to use shell injections to run code o… CRÍTICA 2021-11-03
CVE-2018-2380 SAP Customer Relationship Management (CRM) SAP Customer Relationship Management (CRM) contains a path traversal vulnerability that allows an attacker to exploit i… MEDIA 2021-11-03
CVE-2010-5326 SAP NetWeaver SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote co… CRÍTICA 2021-11-03
CVE-2016-9563 SAP NetWeaver SAP NetWeaver Application Server Java Platforms contains an unspecified vulnerability in BC-BMT-BPM-DSK which allows re… MEDIA 2021-11-03
CVE-2020-6287 SAP NetWeaver SAP NetWeaver Application Server Java Platforms contains a missing authentication for critical function vulnerability a… CRÍTICA 2021-11-03
CVE-2020-6207 SAP Solution Manager SAP Solution Manager User Experience Monitoring contains a missing authentication for critical function vulnerability w… CRÍTICA 2021-11-03
CVE-2016-3976 SAP NetWeaver SAP NetWeaver Application Server Java Platforms contains a directory traversal vulnerability via a ..\ (dot dot backsla… ALTA 2021-11-03
CVE-2019-16256 SIMalliance Toolbox Browser SIMalliance Toolbox Browser contains an command injection vulnerability that could allow remote attackers to retrieve l… CRÍTICA 2021-11-03
CVE-2020-10148 SolarWinds Orion SolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API … CRÍTICA 2021-11-03
← Anterior Página 60 / 62 (1546 CVEs total) Siguiente →
[INFO] El malware Speagle secuestra Cobra DocGuard para robar datos a través de servidores comprometidos...  ·  [INFO] 54 asesinos de EDR utilizan BYOVD para explotar 34 controladores vulnerables firmados y deshabilitar la seguridad...  ·  [INFO] CVE-2026-20131: Vulnerabilidad Crítica de Deserialización en Cisco FMC y SCC  ·  [INFO] Boletín del Día de las Amenazas: RaaS de FortiGate, exploits de Citrix, abuso de MCP, suplantación de identidad de chat en vivo y ...  ·  [INFO] El nuevo malware bancario Android de Perseus monitorea las aplicaciones de notas para extraer datos confidenciales...  ·  [INFO] El malware Speagle secuestra Cobra DocGuard para robar datos a través de servidores comprometidos...  ·  [INFO] 54 asesinos de EDR utilizan BYOVD para explotar 34 controladores vulnerables firmados y deshabilitar la seguridad...  ·  [INFO] CVE-2026-20131: Vulnerabilidad Crítica de Deserialización en Cisco FMC y SCC  ·  [INFO] Boletín del Día de las Amenazas: RaaS de FortiGate, exploits de Citrix, abuso de MCP, suplantación de identidad de chat en vivo y ...  ·  [INFO] El nuevo malware bancario Android de Perseus monitorea las aplicaciones de notas para extraer datos confidenciales...  ·