Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2022-23086
Publication date:
15/02/2024
Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer of a caller-specified size, but copied to it a fixed size header. Other heap content would be overwritten if the specified size was too small.<br /> <br /> Users with access to the mpr, mps or mpt device node may overwrite heap data, potentially resulting in privilege escalation. Note that the device node is only accessible to root and members of the operator group.
Severity CVSS v4.0: Pending analysis
Last modification:
09/12/2024

CVE-2022-23087
Publication date:
15/02/2024
The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload ("TSO"). The e1000 device model uses an on-stack buffer to generate the modified packet header when simulating these modifications on transmitted packets.<br /> <br /> When checksum offload is requested for a transmitted packet, the e1000 device model used a guest-provided value to specify the checksum offset in the on-stack buffer. The offset was not validated for certain packet types.<br /> <br /> A misbehaving bhyve guest could overwrite memory in the bhyve process on the host, possibly leading to code execution in the host context.<br /> <br /> The bhyve process runs in a Capsicum sandbox, which (depending on the FreeBSD version and bhyve configuration) limits the impact of exploiting this issue.
Severity CVSS v4.0: Pending analysis
Last modification:
27/03/2025

CVE-2022-23088
Publication date:
15/02/2024
The 802.11 beacon handling routine failed to validate the length of an IEEE 802.11s Mesh ID before copying it to a heap-allocated buffer.<br /> <br /> While a FreeBSD Wi-Fi client is in scanning mode (i.e., not associated with a SSID) a malicious beacon frame may overwrite kernel memory, leading to remote code execution.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2022-23089
Publication date:
15/02/2024
When dumping core and saving process information, proc_getargv() might return an sbuf which have a sbuf_len() of 0 or -1, which is not properly handled.<br /> <br /> An out-of-bound read can happen when user constructs a specially crafted ps_string, which in turn can cause the kernel to crash.
Severity CVSS v4.0: Pending analysis
Last modification:
04/06/2025

CVE-2022-23084
Publication date:
15/02/2024
The total size of the user-provided nmreq to nmreq_copyin() was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption.<br /> <br /> On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.
Severity CVSS v4.0: Pending analysis
Last modification:
09/12/2024

CVE-2024-26261
Publication date:
15/02/2024
The functionality for file download in HGiga OAKlouds&amp;#39; certain modules contains an Arbitrary File Read and Delete vulnerability. Attackers can put file path in specific request parameters, allowing them to download the file without login. Furthermore, the file will be deleted after being downloaded.
Severity CVSS v4.0: Pending analysis
Last modification:
23/01/2025

CVE-2024-26262
Publication date:
15/02/2024
EBM Technologies Uniweb/SoliPACS WebServer&amp;#39;s query functionality lacks proper restrictions of user input, allowing remote attackers authenticated as regular user to inject SQL commands for reading, modifying, and deleting database records, as well as executing system commands. Attackers may even leverage the dbo privilege in the database for privilege escalation, elevating their privileges to administrator .
Severity CVSS v4.0: Pending analysis
Last modification:
23/01/2025

CVE-2024-26263
Publication date:
15/02/2024
EBM Technologies RISWEB&amp;#39;s specific URL path is not properly controlled by permission, allowing attackers to browse specific pages and query sensitive data without login.
Severity CVSS v4.0: Pending analysis
Last modification:
23/01/2025

CVE-2024-26264
Publication date:
15/02/2024
EBM Technologies RISWEB&amp;#39;s specific query function parameter does not properly restrict user input, and this feature page is accessible without login. This allows remote attackers to inject SQL commands without authentication, enabling them to read, modify, and delete database records.
Severity CVSS v4.0: Pending analysis
Last modification:
23/01/2025

CVE-2024-26260
Publication date:
15/02/2024
The functionality for synchronization in HGiga OAKlouds&amp;#39; certain moudules has an OS Command Injection vulnerability, allowing remote attackers to inject system commands within specific request parameters. This enables the execution of arbitrary code on the remote server without permission.
Severity CVSS v4.0: Pending analysis
Last modification:
23/01/2025

CVE-2024-1523
Publication date:
15/02/2024
EC-WEB FS-EZViewer(Web)&amp;#39;s query functionality lacks proper restrictions of user input, allowing remote attackers authenticated as regular user to inject SQL commands for reading, modifying, and deleting database records, as well as executing system commands. Attackers may even leverage the dbo privilege in the database for privilege escalation, elevating their privileges to administrator.
Severity CVSS v4.0: Pending analysis
Last modification:
23/01/2025

CVE-2024-25620
Publication date:
15/02/2024
Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.
Severity CVSS v4.0: Pending analysis
Last modification:
09/01/2025
Subscribe to Vulnerabilities