Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2019-18367
Publication date:
31/10/2019
In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user without the corresponding permissions.
Severity CVSS v4.0: Pending analysis
Last modification:
04/11/2019

CVE-2019-18368
Publication date:
31/10/2019
In JetBrains Toolbox App before 1.15.5666 for Windows, privilege escalation was possible.
Severity CVSS v4.0: Pending analysis
Last modification:
24/08/2020

CVE-2019-3421
Publication date:
31/10/2019
The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted by a Command Injection vulnerability. Unauthorized users can exploit this vulnerability to control the user terminal system.
Severity CVSS v4.0: Pending analysis
Last modification:
24/08/2020

CVE-2009-5041
Publication date:
31/10/2019
overkill has buffer overflow via long player names that can corrupt data on the server machine
Severity CVSS v4.0: Pending analysis
Last modification:
21/11/2024

CVE-2009-5042
Publication date:
31/10/2019
python-docutils allows insecure usage of temporary files
Severity CVSS v4.0: Pending analysis
Last modification:
21/11/2024

CVE-2009-5043
Publication date:
31/10/2019
burn allows file names to escape via mishandled quotation marks
Severity CVSS v4.0: Pending analysis
Last modification:
21/11/2024

CVE-2010-2490
Publication date:
31/10/2019
Mumble: murmur-server has DoS due to malformed client query
Severity CVSS v4.0: Pending analysis
Last modification:
21/11/2024

CVE-2019-18365
Publication date:
31/10/2019
In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several pages.
Severity CVSS v4.0: Pending analysis
Last modification:
07/11/2019

CVE-2019-18366
Publication date:
31/10/2019
In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View build runtime parameters and data" permission.
Severity CVSS v4.0: Pending analysis
Last modification:
04/11/2019

CVE-2019-18360
Publication date:
31/10/2019
In JetBrains Hub versions earlier than 2019.1.11738, username enumeration was possible through password recovery.
Severity CVSS v4.0: Pending analysis
Last modification:
21/07/2021

CVE-2019-18362
Publication date:
31/10/2019
JetBrains MPS before 2019.2.2 exposed listening ports to the network.
Severity CVSS v4.0: Pending analysis
Last modification:
21/07/2021

CVE-2019-18363
Publication date:
31/10/2019
In JetBrains TeamCity before 2019.1.2, access could be gained to the history of builds of a deleted build configuration under some circumstances.
Severity CVSS v4.0: Pending analysis
Last modification:
21/07/2021
Subscribe to Vulnerabilities