Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2012-0512
Publication date:
03/05/2012
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 11.1.0.7 and 11.2.0.2 and Oracle Enterprise Manager Grid Control allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Enterprise Config Management.
Severity CVSS v4.0: Pending analysis
Last modification:
11/04/2025

CVE-2012-0520
Publication date:
03/05/2012
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2, and in Oracle Enterprise Manager Grid Control 10.2.0.5 and 11.1.0.1, allows remote attackers to affect integrity via unknown vectors related to Security Framework.
Severity CVSS v4.0: Pending analysis
Last modification:
11/04/2025

CVE-2012-0523
Publication date:
03/05/2012
Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to sgepasswd.
Severity CVSS v4.0: Pending analysis
Last modification:
11/04/2025

CVE-2012-0525
Publication date:
03/05/2012
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Oracle Enterprise Manager Grid Control 10.2.0.5 and 11.1.0.1, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Enterprise Config Management.
Severity CVSS v4.0: Pending analysis
Last modification:
11/04/2025

CVE-2011-4022
Publication date:
03/05/2012
The sensor in Cisco Intrusion Prevention System (IPS) 7.0 and 7.1 allows remote attackers to cause a denial of service (file-handle exhaustion and mainApp hang) by making authentication attempts that exceed the configured limit, aka Bug ID CSCto51204.
Severity CVSS v4.0: Pending analysis
Last modification:
11/04/2025

CVE-2011-4231
Publication date:
03/05/2012
Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec hub with X.509 certificates in use, allows remote authenticated users to cause a denial of service (segmentation fault and device crash) via unspecified vectors, aka Bug ID CSCtq61128.
Severity CVSS v4.0: Pending analysis
Last modification:
11/04/2025

CVE-2011-4232
Publication date:
03/05/2012
The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces different responses for directory queries depending on whether the directory exists, which allows remote attackers to enumerate directory names via a series of queries, aka Bug ID CSCtt94070.
Severity CVSS v4.0: Pending analysis
Last modification:
11/04/2025

CVE-2011-4019
Publication date:
03/05/2012
Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified Communications Manager (CUCM) 7.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted response to a SIP SUBSCRIBE message, aka Bug IDs CSCto93837 and CSCtj61883.
Severity CVSS v4.0: Pending analysis
Last modification:
11/04/2025

CVE-2011-4237
Publication date:
03/05/2012
CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks Common Services 4.0, as used in Cisco Prime LAN Management Solution and other products, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter, aka Bug ID CSCtu18693.
Severity CVSS v4.0: Pending analysis
Last modification:
11/04/2025

CVE-2011-4023
Publication date:
03/05/2012
Memory leak in libcmd in Cisco NX-OS 5.0 on Nexus switches allows remote authenticated users to cause a denial of service (memory consumption) via SNMP requests, aka Bug ID CSCtr65682.
Severity CVSS v4.0: Pending analysis
Last modification:
11/04/2025

CVE-2012-0735
Publication date:
03/05/2012
IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly scan file: URLs, which allows man-in-the-middle attackers to obtain sensitive information or possibly have unspecified other impact via a crafted URI.
Severity CVSS v4.0: Pending analysis
Last modification:
11/04/2025

CVE-2012-0736
Publication date:
03/05/2012
IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly create scan jobs, which allows remote attackers to execute arbitrary code via a crafted web site.
Severity CVSS v4.0: Pending analysis
Last modification:
11/04/2025
Subscribe to Vulnerabilities