Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2024-49842

Publication date:
06/05/2025
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.
Severity CVSS v4.0: Pending analysis
Last modification:
09/05/2025

CVE-2024-49835

Publication date:
06/05/2025
Memory corruption while reading secure file.
Severity CVSS v4.0: Pending analysis
Last modification:
09/05/2025

CVE-2024-49841

Publication date:
06/05/2025
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
Severity CVSS v4.0: Pending analysis
Last modification:
09/05/2025

CVE-2024-49829

Publication date:
06/05/2025
Memory corruption can occur during context user dumps due to inadequate checks on buffer length.
Severity CVSS v4.0: Pending analysis
Last modification:
09/05/2025

CVE-2024-49830

Publication date:
06/05/2025
Memory corruption while processing an IOCTL call to set mixer controls.
Severity CVSS v4.0: Pending analysis
Last modification:
09/05/2025

CVE-2024-45578

Publication date:
06/05/2025
Memory corruption while acquire and update IOCTLs during IFE output resource ID validation.
Severity CVSS v4.0: Pending analysis
Last modification:
09/05/2025

CVE-2024-45579

Publication date:
06/05/2025
Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check.
Severity CVSS v4.0: Pending analysis
Last modification:
09/05/2025

CVE-2024-45581

Publication date:
06/05/2025
Memory corruption while sound model registration for voice activation with audio kernel driver.
Severity CVSS v4.0: Pending analysis
Last modification:
09/05/2025

CVE-2024-45583

Publication date:
06/05/2025
Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations.
Severity CVSS v4.0: Pending analysis
Last modification:
09/05/2025

CVE-2024-45577

Publication date:
06/05/2025
Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information.
Severity CVSS v4.0: Pending analysis
Last modification:
09/05/2025

CVE-2024-45576

Publication date:
06/05/2025
Memory corruption while prociesing command buffer buffer in OPE module.
Severity CVSS v4.0: Pending analysis
Last modification:
09/05/2025

CVE-2024-45575

Publication date:
06/05/2025
Memory corruption Camera kernel when large number of devices are attached through userspace.
Severity CVSS v4.0: Pending analysis
Last modification:
09/05/2025