// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1587

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-31431	Linux Kernel	ALTA	2026-05-01

// top_vendors_afectados

Microsoft

19

Cisco

7

Apple

7

Synacor

4

Google

4

Fortinet

3

Ivanti

3

SolarWinds

3

SmarterTools

3

Linux

2

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2021-36955	Microsoft Windows	Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege …	ALTA	2021-11-03
CVE-2021-38648	Microsoft Open Management Infrastructure (OMI)	Microsoft Open Management Infrastructure (OMI) within Azure VM Management Extensions contains an unspecified vulnerabil…	ALTA	2021-11-03
CVE-2020-6819	Mozilla Firefox and Thunderbird	Mozilla Firefox and Thunderbird contain a race condition vulnerability when running the nsDocShell destructor under cer…	ALTA	2021-11-03
CVE-2020-6820	Mozilla Firefox and Thunderbird	Mozilla Firefox and Thunderbird contain a race condition vulnerability when handling a ReadableStream under certain con…	ALTA	2021-11-03
CVE-2019-17026	Mozilla Firefox and Thunderbird	Mozilla Firefox and Thunderbird contain a type confusion vulnerability due to incorrect alias information in the IonMon…	ALTA	2021-11-03
CVE-2019-15949	Nagios Nagios XI	Nagios XI contains a remote code execution vulnerability in which a user can modify the check_plugin executable and ins…	ALTA	2021-11-03
CVE-2020-26919	NETGEAR JGS516PE Devices	Netgear JGS516PE devices contain a missing function level access control vulnerability.	CRÍTICA	2021-11-03
CVE-2019-19356	Netis WF2419 Devices	Netis WF2419 devices contains an unspecified vulnerability that allows an attacker to perform remote code execution as …	ALTA	2021-11-03
CVE-2020-2555	Oracle Multiple Products	Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with net…	CRÍTICA	2021-11-03
CVE-2012-3152	Oracle Fusion Middleware	Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect…	CRÍTICA	2021-11-03
CVE-2020-14871	Oracle Solaris and Zettabyte File System (ZFS)	Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confid…	CRÍTICA	2021-11-03
CVE-2015-4852	Oracle WebLogic Server	Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allo…	CRÍTICA	2021-11-03
CVE-2020-14750	Oracle WebLogic Server	Oracle WebLogic Server contains an unspecified vulnerability allowing an unauthenticated attacker to perform remote cod…	CRÍTICA	2021-11-03
CVE-2020-14882	Oracle WebLogic Server	Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, bas…	CRÍTICA	2021-11-03
CVE-2020-14883	Oracle WebLogic Server	Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentila…	ALTA	2021-11-03
CVE-2020-8644	PlaySMS PlaySMS	PlaySMS contains a server-side template injection vulnerability that allows for remote code execution.	CRÍTICA	2021-11-03
CVE-2019-18935	Progress Telerik UI for ASP.NET AJAX	Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload …	CRÍTICA	2021-11-03
CVE-2021-22893	Ivanti Pulse Connect Secure	Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to ex…	CRÍTICA	2021-11-03
CVE-2020-8243	Ivanti Pulse Connect Secure	Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authen…	ALTA	2021-11-03
CVE-2021-22900	Ivanti Pulse Connect Secure	Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrat…	ALTA	2021-11-03
CVE-2021-22894	Ivanti Pulse Connect Secure	Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authent…	ALTA	2021-11-03
CVE-2020-8260	Ivanti Pulse Connect Secure	Pulse Connect Secure contains an unspecified vulnerability that allows an authenticated attacker to perform code execut…	ALTA	2021-11-03
CVE-2021-22899	Ivanti Pulse Connect Secure	Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perfor…	ALTA	2021-11-03
CVE-2019-11510	Ivanti Pulse Connect Secure	Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacke…	CRÍTICA	2021-11-03
CVE-2019-11539	Ivanti Pulse Connect Secure and Pulse Policy Secure	Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject a…	ALTA	2021-11-03

← Anterior Página 61 / 64 (1587 CVEs total) Siguiente →