Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2012-2945

Publication date:

29/10/2019

Hadoop 1.0.3 contains a symlink vulnerability.

Severity CVSS v4.0: Pending analysis

Last modification:

21/11/2024

CVE-2012-0046

Publication date:

29/10/2019

mediawiki allows deleted text to be exposed

Severity CVSS v4.0: Pending analysis

Last modification:

21/11/2024

CVE-2011-4931

Publication date:

29/10/2019

gpw generates shorter passwords than required

Severity CVSS v4.0: Pending analysis

Last modification:

21/11/2024

CVE-2012-1187

Publication date:

29/10/2019

Bitlbee does not drop extra group privileges correctly in unix.c

Severity CVSS v4.0: Pending analysis

Last modification:

21/11/2024

CVE-2009-3723

Publication date:

29/10/2019

asterisk allows calls on prohibited networks

Severity CVSS v4.0: Pending analysis

Last modification:

21/11/2024

CVE-2010-4237

Publication date:

29/10/2019

Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.

Severity CVSS v4.0: Pending analysis

Last modification:

21/11/2024

CVE-2011-0428

Publication date:

29/10/2019

Cross Site Scripting (XSS) in ikiwiki before 3.20110122 could allow remote attackers to insert arbitrary JavaScript due to insufficient checking in comments.

Severity CVSS v4.0: Pending analysis

Last modification:

21/11/2024

CVE-2009-3887

Publication date:

29/10/2019

ytnef has directory traversal

Severity CVSS v4.0: Pending analysis

Last modification:

21/11/2024

CVE-2010-3373

Publication date:

29/10/2019

paxtest handles temporary files insecurely

Severity CVSS v4.0: Pending analysis

Last modification:

21/11/2024

CVE-2010-3375

Publication date:

29/10/2019

qtparted has insecure library loading which may allow arbitrary code execution

Severity CVSS v4.0: Pending analysis

Last modification:

21/11/2024

CVE-2019-4600

Publication date:

29/10/2019

IBM API Connect version V5.0.0.0 through 5.0.8.7 could reveal sensitive information to an attacker using a specially crafted HTTP request. IBM X-Force ID: 167883.

Severity CVSS v4.0: Pending analysis

Last modification:

24/08/2020

CVE-2019-4329

Publication date:

29/10/2019

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 161209.

Severity CVSS v4.0: Pending analysis

Last modification:

01/01/2022

Subscribe to Vulnerabilities