Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2025-21462

Publication date:

06/05/2025

Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.

Severity CVSS v4.0: Pending analysis

Last modification:

09/05/2025

CVE-2025-21467

Publication date:

06/05/2025

Memory corruption while reading the FW response from the shared queue.

Severity CVSS v4.0: Pending analysis

Last modification:

11/08/2025

CVE-2024-49844

Publication date:

06/05/2025

Memory corruption while triggering commands in the PlayReady Trusted application.

Severity CVSS v4.0: Pending analysis

Last modification:

11/08/2025

CVE-2024-49845

Publication date:

06/05/2025

Memory corruption during the FRS UDS generation process.

Severity CVSS v4.0: Pending analysis

Last modification:

09/05/2025

CVE-2024-49846

Publication date:

06/05/2025

Memory corruption while decoding of OTA messages from T3448 IE.

Severity CVSS v4.0: Pending analysis

Last modification:

09/05/2025

CVE-2024-49847

Publication date:

06/05/2025

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.

Severity CVSS v4.0: Pending analysis

Last modification:

09/05/2025

CVE-2025-21453

Publication date:

06/05/2025

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.

Severity CVSS v4.0: Pending analysis

Last modification:

11/08/2025

CVE-2024-49829

Publication date:

06/05/2025

Memory corruption can occur during context user dumps due to inadequate checks on buffer length.

Severity CVSS v4.0: Pending analysis

Last modification:

09/05/2025

CVE-2024-49830

Publication date:

06/05/2025

Memory corruption while processing an IOCTL call to set mixer controls.

Severity CVSS v4.0: Pending analysis

Last modification:

09/05/2025

CVE-2024-49835

Publication date:

06/05/2025

Memory corruption while reading secure file.

Severity CVSS v4.0: Pending analysis

Last modification:

09/05/2025

CVE-2024-49842

Publication date:

06/05/2025

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

Severity CVSS v4.0: Pending analysis

Last modification:

11/08/2025

CVE-2024-49841

Publication date:

06/05/2025

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

Severity CVSS v4.0: Pending analysis

Last modification:

19/12/2025

Subscribe to Vulnerabilities