// threat_intelligence_dashboard

Dashboard de Amenazas

Vulnerabilidades activamente explotadas según el catálogo CISA KEV (Known Exploited Vulnerabilities)

▶ ¿Cómo se calcula el nivel de amenaza global?

El nivel de amenaza global mostrado en la barra de navegación se calcula en base al número de CVEs activamente explotados publicados en el catálogo CISA KEV (Known Exploited Vulnerabilities) durante las últimas horas:

🟢 BAJA — 0 CVEs nuevos en el feed reciente
🟡 MEDIA — 1 a 2 CVEs nuevos activamente explotados
🟠 ALTA — 3 a 4 CVEs nuevos activamente explotados
🔴 CRÍTICA — 5 o más CVEs nuevos activamente explotados

Fuente: CISA Known Exploited Vulnerabilities Catalog — actualizado cada hora.

CVEs añadidos este mes

1546

Total KEV catalogados

Vendors afectados

// cves_añadidos_este_mes

CVE	Producto	Criticidad	Añadido
CVE-2026-20131	Cisco Secure Firewall Management Center (FMC)	CRÍTICA	2026-03-19
CVE-2025-66376	Synacor Zimbra Collaboration Suite (ZCS)	ALTA	2026-03-18
CVE-2026-20963	Microsoft SharePoint	ALTA	2026-03-18
CVE-2025-47813	Wing FTP Server Wing FTP Server	MEDIA	2026-03-16
CVE-2026-3910	Google Chromium V8	ALTA	2026-03-13
CVE-2026-3909	Google Skia	ALTA	2026-03-13
CVE-2025-68613	n8n n8n	CRÍTICA	2026-03-11
CVE-2021-22054	Omnissa Workspace One UEM	ALTA	2026-03-09
CVE-2025-26399	SolarWinds Web Help Desk	CRÍTICA	2026-03-09
CVE-2026-1603	Ivanti Endpoint Manager (EPM)	ALTA	2026-03-09

// top_vendors_afectados

Microsoft

15

Cisco

5

Google

5

Apple

5

Fortinet

4

Synacor

3

SolarWinds

3

Broadcom

3

SmarterTools

3

Gladinet

3

// catalogo_kev_completo

CVE ID	Producto	Descripción	CVSS	Añadido
CVE-2019-20085	TVT NVMS-1000	TVT devices utilizing NVMS-1000 software contain a directory traversal vulnerability via GET /.. requests.	ALTA	2021-11-03
CVE-2020-5849	Unraid Unraid	Unraid contains an authentication bypass vulnerability that allows attackers to gain access to the administrative inter…	ALTA	2021-11-03
CVE-2020-5847	Unraid Unraid	Unraid contains a vulnerability due to the insecure use of the extract PHP function that can be abused to execute remot…	CRÍTICA	2021-11-03
CVE-2019-16759	vBulletin vBulletin	The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via the wid…	CRÍTICA	2021-11-03
CVE-2020-17496	vBulletin vBulletin	The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via crafted…	CRÍTICA	2021-11-03
CVE-2019-5544	VMware VMware ESXi and Horizon DaaS	VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that al…	CRÍTICA	2021-11-03
CVE-2020-3992	VMware ESXi	VMware ESXi OpenSLP contains a use-after-free vulnerability that allows an attacker residing in the management network …	CRÍTICA	2021-11-03
CVE-2020-3950	VMware Multiple Products	VMware Fusion, Remote Console (VMRC) for Mac, and Horizon Client for Mac contain a privilege escalation vulnerability d…	ALTA	2021-11-03
CVE-2021-22005	VMware vCenter Server	VMware vCenter Server contains a file upload vulnerability in the Analytics service that allows a user with network acc…	CRÍTICA	2021-11-03
CVE-2020-3952	VMware vCenter Server	VMware vCenter Server contains an information disclosure vulnerability in the VMware Directory Service (vmdir) when the…	CRÍTICA	2021-11-03
CVE-2021-21972	VMware vCenter Server	VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which al…	CRÍTICA	2021-11-03
CVE-2021-21985	VMware vCenter Server	VMware vSphere Client contains an improper input validation vulnerability in the Virtual SAN Health Check plug-in, whic…	CRÍTICA	2021-11-03
CVE-2020-4006	VMware Multiple Products	VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector contain a command injec…	CRÍTICA	2021-11-03
CVE-2020-25213	WordPress File Manager Plugin	WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execu…	CRÍTICA	2021-11-03
CVE-2020-11738	WordPress Snap Creek Duplicator Plugin	WordPress Snap Creek Duplicator plugin contains a file download vulnerability when an administrator creates a new copy …	ALTA	2021-11-03
CVE-2019-9978	WordPress Social Warfare Plugin	WordPress Social Warfare plugin contains a cross-site scripting (XSS) vulnerability that allows for remote code executi…	MEDIA	2021-11-03
CVE-2021-27561	Yealink Device Management	Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated r…	CRÍTICA	2021-11-03
CVE-2021-40539	Zoho ManageEngine	Zoho ManageEngine ADSelfService Plus contains an authentication bypass vulnerability affecting the REST API URLs which …	CRÍTICA	2021-11-03
CVE-2020-10189	Zoho ManageEngine	Zoho ManageEngine Desktop Central contains a file upload vulnerability that allows for unauthenticated remote code exec…	CRÍTICA	2021-11-03
CVE-2019-8394	Zoho ManageEngine	Zoho ManageEngine ServiceDesk Plus (SDP) contains an unspecified vulnerability that allows remote users to upload files…	MEDIA	2021-11-03
CVE-2020-29583	Zyxel Multiple Products	Zyxel firewalls (ATP, USG, VM) and AP Controllers (NXC2500 and NXC5500) contain a use of hard-coded credentials vulnera…	CRÍTICA	2021-11-03

← Anterior Página 62 / 62 (1546 CVEs total)