Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2023-39332
Publication date:
18/10/2023
Various `node:fs` functions allow specifying paths as either strings or `Uint8Array` objects. In Node.js environments, the `Buffer` class extends the `Uint8Array` class. Node.js prevents path traversal through strings (see CVE-2023-30584) and `Buffer` objects (see CVE-2023-32004), but not through non-`Buffer` `Uint8Array` objects.<br /> <br /> This is distinct from CVE-2023-32004 which only referred to `Buffer` objects. However, the vulnerability follows the same pattern using `Uint8Array` instead of `Buffer`.<br /> <br /> Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2023-38545
Publication date:
18/10/2023
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy<br /> handshake.<br /> <br /> When curl is asked to pass along the host name to the SOCKS5 proxy to allow<br /> that to resolve the address instead of it getting done by curl itself, the<br /> maximum length that host name can be is 255 bytes.<br /> <br /> If the host name is detected to be longer, curl switches to local name<br /> resolving and instead passes on the resolved address only. Due to this bug,<br /> the local variable that means "let the host resolve the name" could get the<br /> wrong value during a slow SOCKS5 handshake, and contrary to the intention,<br /> copy the too long host name to the target buffer instead of copying just the<br /> resolved address there.<br /> <br /> The target buffer being a heap based buffer, and the host name coming from the<br /> URL that curl has been told to operate with.
Severity CVSS v4.0: Pending analysis
Last modification:
12/05/2026

CVE-2023-38546
Publication date:
18/10/2023
This flaw allows an attacker to insert cookies at will into a running program<br /> using libcurl, if the specific series of conditions are met.<br /> <br /> libcurl performs transfers. In its API, an application creates "easy handles"<br /> that are the individual handles for single transfers.<br /> <br /> libcurl provides a function call that duplicates en easy handle called<br /> [curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).<br /> <br /> If a transfer has cookies enabled when the handle is duplicated, the<br /> cookie-enable state is also cloned - but without cloning the actual<br /> cookies. If the source handle did not read any cookies from a specific file on<br /> disk, the cloned version of the handle would instead store the file name as<br /> `none` (using the four ASCII letters, no quotes).<br /> <br /> Subsequent use of the cloned handle that does not explicitly set a source to<br /> load cookies from would then inadvertently load cookies from a file named<br /> `none` - if such a file exists and is readable in the current directory of the<br /> program using libcurl. And if using the correct file format of course.
Severity CVSS v4.0: Pending analysis
Last modification:
12/05/2026

CVE-2023-35083
Publication date:
18/10/2023
Allows an authenticated attacker with network access to read arbitrary files on Endpoint Manager recently discovered on 2022 SU3 and all previous versions potentially leading to the leakage of sensitive information.
Severity CVSS v4.0: Pending analysis
Last modification:
25/10/2023

CVE-2023-5552
Publication date:
18/10/2023
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”.
Severity CVSS v4.0: Pending analysis
Last modification:
25/10/2023

CVE-2023-5626
Publication date:
18/10/2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs prior to 3.3.0-16.
Severity CVSS v4.0: Pending analysis
Last modification:
25/10/2023

CVE-2023-41711
Publication date:
17/10/2023
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the sonicwall.exp, prefs.exp URL endpoints lead to a firewall crash.
Severity CVSS v4.0: Pending analysis
Last modification:
19/10/2023

CVE-2023-41712
Publication date:
17/10/2023
SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash.
Severity CVSS v4.0: Pending analysis
Last modification:
19/10/2023

CVE-2023-41713
Publication date:
17/10/2023
SonicOS Use of Hard-coded Password vulnerability in the &amp;#39;dynHandleBuyToolbar&amp;#39; demo function.
Severity CVSS v4.0: Pending analysis
Last modification:
19/10/2023

CVE-2023-41715
Publication date:
17/10/2023
SonicOS post-authentication Improper Privilege Management vulnerability in the SonicOS SSL VPN Tunnel allows users to elevate their privileges inside the tunnel.<br />
Severity CVSS v4.0: Pending analysis
Last modification:
02/05/2025

CVE-2023-42506
Publication date:
17/10/2023
Improper restriction of operations within the bounds of a memory buffer issue exists in OnSinView2 versions 2.0.1 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user open a specially crafted OnSinView2 project file.
Severity CVSS v4.0: Pending analysis
Last modification:
24/10/2023

CVE-2023-42507
Publication date:
17/10/2023
Stack-based buffer overflow vulnerability exists in OnSinView2 versions 2.0.1 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user open a specially crafted OnSinView2 project file.
Severity CVSS v4.0: Pending analysis
Last modification:
24/10/2023
Subscribe to Vulnerabilities