Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2025-21485

Publication date:
03/06/2025
Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2025-21486

Publication date:
03/06/2025
Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2025-27029

Publication date:
03/06/2025
Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2025-27031

Publication date:
03/06/2025
memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2024-53019

Publication date:
03/06/2025
Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2024-53020

Publication date:
03/06/2025
Information disclosure may occur while decoding the RTP packet with invalid header extension from network.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2024-53021

Publication date:
03/06/2025
Information disclosure may occur while processing goodbye RTCP packet from network.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2024-53026

Publication date:
03/06/2025
Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2025-21463

Publication date:
03/06/2025
Transient DOS while processing the EHT operation IE in the received beacon frame.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2024-53013

Publication date:
03/06/2025
Memory corruption may occur while processing voice call registration with user.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2024-53015

Publication date:
03/06/2025
Memory corruption while processing IOCTL command to handle buffers associated with a session.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2024-53016

Publication date:
03/06/2025
Memory corruption while processing I2C settings in Camera driver.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025