Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2023-32451
Publication date:
06/02/2024
<br /> Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation<br /> <br />
Severity CVSS v4.0: Pending analysis
Last modification:
12/02/2024

CVE-2023-28063
Publication date:
06/02/2024
<br /> Dell BIOS contains a Signed to Unsigned Conversion Error vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to denial of service.<br /> <br />
Severity CVSS v4.0: Pending analysis
Last modification:
15/02/2024

CVE-2024-22433
Publication date:
06/02/2024
<br /> Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.get_ldap_info in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity, Protection, and remote takeover of the system. This is a high-severity vulnerability as it allows an attacker to take complete control of DP Search to affect downstream protected devices.<br /> <br />
Severity CVSS v4.0: Pending analysis
Last modification:
13/02/2024

CVE-2023-52239
Publication date:
06/02/2024
The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE attacks, e.g., via onItemImport.
Severity CVSS v4.0: Pending analysis
Last modification:
17/06/2025

CVE-2023-28049
Publication date:
06/02/2024
<br /> Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion vulnerability. A locally authenticated malicious user may exploit this vulnerability in order to perform a privileged arbitrary file delete.<br /> <br />
Severity CVSS v4.0: Pending analysis
Last modification:
13/02/2024

CVE-2023-25543
Publication date:
06/02/2024
<br /> Dell Power Manager, versions prior to 3.14, contain an Improper Authorization vulnerability in DPM service. A low privileged malicious user could potentially exploit this vulnerability in order to elevate privileges on the system. <br /> <br />
Severity CVSS v4.0: Pending analysis
Last modification:
12/02/2024

CVE-2023-43535
Publication date:
06/02/2024
Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger.
Severity CVSS v4.0: Pending analysis
Last modification:
12/04/2024

CVE-2023-43536
Publication date:
06/02/2024
Transient DOS while parse fils IE with length equal to 1.
Severity CVSS v4.0: Pending analysis
Last modification:
11/08/2025

CVE-2023-43522
Publication date:
06/02/2024
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.
Severity CVSS v4.0: Pending analysis
Last modification:
11/08/2025

CVE-2023-43523
Publication date:
06/02/2024
Transient DOS while processing 11AZ RTT management action frame received through OTA.
Severity CVSS v4.0: Pending analysis
Last modification:
12/04/2024

CVE-2023-43532
Publication date:
06/02/2024
Memory corruption while reading ACPI config through the user mode app.
Severity CVSS v4.0: Pending analysis
Last modification:
12/04/2024

CVE-2023-43533
Publication date:
06/02/2024
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.
Severity CVSS v4.0: Pending analysis
Last modification:
11/08/2025
Subscribe to Vulnerabilities