Vulnerabilities

To inform, warn and help professionals about the latest security vulnerabilities in technology systems, we have made a database available, in Spanish, to users interested in this information. It includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 records, is based on information from the NVD (National Vulnerability Database), which INCIBE translates into Spanish under a partnership agreement.

On occasion this list will show vulnerabilities that have not yet been translated, because entries are added while the INCIBE team is still carrying out the translation. Vulnerabilities are named according to the CVE (Common Vulnerabilities and Exposures) standard for information security vulnerability names, which supports the exchange of information between different tools and databases.

Every vulnerability collected is linked to its information sources, as well as to the patches or solutions made available by manufacturers and developers. Advanced searches are possible: results can be narrowed down by criteria such as vulnerability type, manufacturer and impact level, among others.

RSS feeds and newsletters give daily notice of the latest vulnerabilities added to the repository. Below is a list, updated daily, of the most recent vulnerabilities.

CVE-2015-10142

Publication date:
25/07/2025
Sitecore Experience Platform (XP) prior to 8.0 Initial Release (rev. 141212) and Content Management System (CMS) prior to 7.2 Update-3 (rev. 141226) and prior to 7.5 Update-1 (rev. 150130) contain a vulnerability that may allow an attacker to download files under the web root of the site when the name of the file is already known via a specially-crafted URL. Affected files do not include .config, .aspx or .cs files. The issue does not allow for directory browsing.
Severity CVSS v4.0: MEDIUM
Last modification:
29/07/2025

CVE-2016-15046

Publication date:
25/07/2025
A client-side remote code execution vulnerability exists in Hanwha Techwin Smart Security Manager (SSM) versions 1.32 and 1.4, due to improper restrictions on the PUT method exposed by the bundled Apache ActiveMQ instance (running on port 8161). An attacker can exploit this flaw through a Cross-Origin Resource Sharing (CORS) bypass combined with JavaScript-triggered file uploads to the web server, ultimately resulting in arbitrary code execution with SYSTEM privileges.

This vulnerability bypasses the server-side mitigations introduced in ZDI-15-156 and ZDI-16-481 by shifting the exploitation to the client-side.

This product is now referred to as Hanwha Wisenet SSM and it is unknown if current versions are affected.
Severity CVSS v4.0: HIGH
Last modification:
30/07/2025

CVE-2014-125114

Publication date:
25/07/2025
A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling of the Time attribute within Schedule.xml. By placing a specially crafted Schedule.xml file in the i-Ftp application directory, a remote attacker can trigger a buffer overflow during scheduled download parsing, potentially leading to arbitrary code execution or a crash.
Severity CVSS v4.0: HIGH
Last modification:
29/07/2025

CVE-2014-125115

Publication date:
25/07/2025
An unauthenticated SQL injection vulnerability exists in Pandora FMS version 5.0 SP2 and earlier. The mobile/index.php endpoint fails to properly sanitize user input in the loginhash_data parameter, allowing attackers to extract administrator credentials or active session tokens via crafted requests. This occurs because input is directly concatenated into an SQL query without adequate validation, enabling SQL injection. After authentication is bypassed, a second vulnerability in the File Manager component permits arbitrary PHP file uploads. The file upload functionality does not enforce MIME-type or file extension restrictions, allowing authenticated users to upload web shells into a publicly accessible directory and achieve remote code execution.
Severity CVSS v4.0: CRITICAL
Last modification:
29/07/2025
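The Pandora FMS entry above describes the classic cause of an unauthenticated SQL injection: a request parameter concatenated into the query text. The following is an added example, not Pandora FMS code, that reproduces the pattern against a constructed in-memory SQLite table and places the parameterised form beside it. The table, rows, column names and the `loginhash_data` payload are all constructed for illustration.

```python
import sqlite3

# Constructed sample data standing in for an application's session store.
SAMPLE_ROWS = [
    ("admin", "tok-admin-0001"),
    ("alice", "tok-alice-0002"),
]

def make_db():
    """Build an in-memory database holding the constructed sessions table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE sessions (username TEXT, session_token TEXT)")
    conn.executemany("INSERT INTO sessions VALUES (?, ?)", SAMPLE_ROWS)
    return conn

def lookup_vulnerable(conn, loginhash_data):
    """The flaw the advisory describes: input concatenated straight into SQL text."""
    sql = ("SELECT username, session_token FROM sessions "
           "WHERE session_token = '" + loginhash_data + "'")
    return conn.execute(sql).fetchall()

def lookup_parameterized(conn, loginhash_data):
    """Hardened form: the value is bound as a parameter and never parsed as SQL."""
    sql = "SELECT username, session_token FROM sessions WHERE session_token = ?"
    return conn.execute(sql, (loginhash_data,)).fetchall()

# Constructed payload: closes the quoted literal and appends an always-true predicate,
# so the WHERE clause matches every row, including the administrator's token.
PAYLOAD = "x' OR '1'='1"

def demo():
    """Run both lookups with the payload and one legitimate token."""
    conn = make_db()
    return {
        "vulnerable": lookup_vulnerable(conn, PAYLOAD),
        "parameterized": lookup_parameterized(conn, PAYLOAD),
        "legit": lookup_parameterized(conn, "tok-alice-0002"),
    }

if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

The concatenated query returns every session token in the table; the parameterised query returns nothing for the same payload, because the quote and `OR` arrive as data rather than as syntax. This is the distinction the advisory draws when it says input was "directly concatenated into an SQL query without adequate validation".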

CVE-2013-10032

Publication date:
25/07/2025
An authenticated remote code execution vulnerability exists in GetSimpleCMS version 3.2.1. The application’s upload.php endpoint allows authenticated users to upload arbitrary files without proper validation of MIME types or extensions. By uploading a .pht file containing PHP code, an attacker can bypass blacklist-based restrictions and place executable code within the web root. A crafted request using a polyglot or disguised extension allows the attacker to execute the payload by accessing the file directly via the web server. This vulnerability exists due to the use of a blacklist for filtering file types instead of a whitelist.
Severity CVSS v4.0: HIGH
Last modification:
23/09/2025

CVE-2025-8159

Publication date:
25/07/2025
A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. This issue affects the function formLanguageChange of the file /goform/formLanguageChange of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity CVSS v4.0: HIGH
Last modification:
16/09/2025

CVE-2025-8160

Publication date:
25/07/2025
A vulnerability classified as critical has been found in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/SetSysTimeCfg of the component httpd. The manipulation of the argument timeZone leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity CVSS v4.0: HIGH
Last modification:
05/08/2025

CVE-2025-52360

Publication date:
25/07/2025
A Cross-Site Scripting (XSS) vulnerability exists in the OPAC search feature of Koha Library Management System v24.05. Unsanitized input entered in the search field is reflected in the search history interface, leading to the execution of arbitrary JavaScript in the browser context when the user interacts with the interface.
Severity CVSS v4.0: Pending analysis
Last modification:
25/07/2025

CVE-2025-44608

Publication date:
25/07/2025
CloudClassroom-PHP Project v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter.
Severity CVSS v4.0: Pending analysis
Last modification:
07/08/2025

CVE-2025-45467

Publication date:
25/07/2025
Unitree Go1
Severity CVSS v4.0: Pending analysis
Last modification:
12/01/2026

CVE-2025-38436

Publication date:
25/07/2025
In the Linux kernel, the following vulnerability has been resolved:

drm/scheduler: signal scheduled fence when kill job

When an entity from application B is killed, drm_sched_entity_kill() removes all jobs belonging to that entity through drm_sched_entity_kill_jobs_work(). If application A's job depends on a scheduled fence from application B's job, and that fence is not properly signaled during the killing process, application A's dependency cannot be cleared.

This leads to application A hanging indefinitely while waiting for a dependency that will never be resolved. Fix this issue by ensuring that scheduled fences are properly signaled when an entity is killed, allowing dependent applications to continue execution.
Severity CVSS v4.0: Pending analysis
Last modification:
19/11/2025

CVE-2025-38433

Publication date:
25/07/2025
In the Linux kernel, the following vulnerability has been resolved:

riscv: fix runtime constant support for nommu kernels

The `__runtime_fixup_32` function does not handle the case where `val` is zero correctly (as might occur when patching a nommu kernel and referring to a physical address below the 4GiB boundary whose upper 32 bits are all zero) because nothing in the existing logic prevents the code from taking the `else` branch of both nop-checks and emitting two `nop` instructions.

This leaves random garbage in the register that is supposed to receive the upper 32 bits of the pointer instead of zero that when combined with the value for the lower 32 bits yields an invalid pointer and causes a kernel panic when that pointer is eventually accessed.

The author clearly considered the fact that if the `lui` is converted into a `nop` that the second instruction needs to be adjusted to become an `li` instead of an `addi`, hence introducing the `addi_insn_mask` variable, but didn't follow that logic through fully to the case where the `else` branch executes. To fix it just adjust the logic to ensure that the second `else` branch is not taken if the first instruction will be patched to a `nop`.
Severity CVSS v4.0: Pending analysis
Last modification:
19/11/2025
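The commit message above reasons about two instruction patches that interact: when the `lui` becomes a `nop`, the `addi` must become an `li`, and a zero value must not turn both into `nop`s. The following is an added Python model of that reasoning, not the kernel's code: it encodes a `lui`/`addi` pair using the RISC-V base ISA formats, applies a patch routine written from the description (the exact masks, the template instructions and the choice of destination register `a0` are assumptions), and runs the result through a tiny interpreter whose destination register starts out holding garbage, so the flawed and fixed behaviours can be compared.

```python
NOP = 0x00000013          # addi x0, x0, 0
RD = 10                   # destination register for the constant (assumed: a0)
GARBAGE = 0xDEADBEEF      # constructed stale register contents

def enc_lui(rd, imm20):
    """U-type: imm[31:12] | rd | opcode 0x37."""
    return ((imm20 & 0xFFFFF) << 12) | (rd << 7) | 0x37

def enc_addi(rd, rs1, imm12):
    """I-type: imm[31:20] | rs1 | funct3=0 | rd | opcode 0x13."""
    return ((imm12 & 0xFFF) << 20) | (rs1 << 15) | (rd << 7) | 0x13

def sign_extend(value, bits):
    """Interpret the low `bits` bits of value as a two's-complement number."""
    sign = 1 << (bits - 1)
    return (value & ((1 << bits) - 1)) - ((value & sign) << 1)

def fixup_32(val, fixed):
    """Patch a lui+addi template so the pair loads the 32-bit constant `val`.

    fixed=False reproduces the flaw the commit describes: for val == 0 both
    nop-checks take their else branch and both instructions become nops.
    fixed=True keeps the addi whenever the lui was turned into a nop, so it
    degrades to 'li rd, lower' (add to x0) instead of disappearing.
    """
    lui_insn = enc_lui(RD, 0)           # template: lui rd, 0
    addi_insn = enc_addi(RD, RD, 0)     # template: addi rd, rd, 0
    addi_mask = 0x000FFFFF              # keep rs1/funct3/rd/opcode, drop imm

    lower = sign_extend(val, 12)        # imm for addi, sign-extended
    upper = (val - lower) & 0xFFFFFFFF  # what lui must contribute

    lui_is_nop = not (upper & 0xFFFFF000)
    if lui_is_nop:
        lui_insn = NOP
        addi_mask &= 0x7FFF             # also clear rs1 -> add to x0 -> 'li'
    else:
        lui_insn = (lui_insn & 0xFFF) | (upper & 0xFFFFF000)

    if (lower & 0xFFF) or (fixed and lui_is_nop):
        addi_insn = (addi_insn & addi_mask) | ((lower & 0xFFF) << 20)
    else:
        addi_insn = NOP                 # flaw: reached even when lui is already a nop
    return lui_insn, addi_insn

def execute(insns, rd_init=GARBAGE):
    """Minimal RV32 interpreter for lui/addi; returns the final value of RD."""
    regs = [0] * 32
    regs[RD] = rd_init
    for insn in insns:
        opcode = insn & 0x7F
        rd = (insn >> 7) & 0x1F
        if opcode == 0x37:                                   # lui
            value = insn & 0xFFFFF000
        elif opcode == 0x13 and ((insn >> 12) & 7) == 0:     # addi
            rs1 = (insn >> 15) & 0x1F
            value = (regs[rs1] + sign_extend(insn >> 20, 12)) & 0xFFFFFFFF
        else:
            raise ValueError(f"unsupported instruction {insn:#010x}")
        if rd != 0:                                          # x0 is hard-wired zero
            regs[rd] = value
    return regs[RD]

def patched_result(val, fixed):
    """Value left in RD after running the patched pair for `val`."""
    return execute(fixup_32(val, fixed))

if __name__ == "__main__":
    for v in (0x0, 0x7FF, 0x1000, 0x12345678, 0xFFFFF800):
        print(f"val={v:#010x} flawed={patched_result(v, False):#010x} "
              f"fixed={patched_result(v, True):#010x}")
```

For every non-zero value both variants agree, which is why the bug survived: only `val == 0` makes both the upper 20 bits and the lower 12 bits empty at once, and only then does the flawed branch structure emit two `nop`s and leave the stale register contents in place as the "upper 32 bits" of the pointer.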