Vulnerabilities

To inform, warn and help professionals with the latest security vulnerabilities in technology systems, we have made a database available to interested users. It is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 records, is based on information from the NVD (National Vulnerability Database); under a partnership agreement, INCIBE translates the included information into Spanish.

On occasion this list will show vulnerabilities that have not yet been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) standard for information security vulnerability names is used to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as to available patches or solutions provided by manufacturers and developers. Advanced searches are possible: you can select different criteria to narrow down the results, such as vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or newsletters you can be informed daily about the latest vulnerabilities added to the repository. Below is a list, updated daily, of the latest vulnerabilities.

CVE-2025-20228

Publication date:
26/03/2025
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Splunk roles could change the maintenance mode state of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF).
Severity CVSS v4.0: Pending analysis
Last modification:
21/07/2025

CVE-2025-20229

Publication date:
26/03/2025
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.104, 9.2.2406.108, 9.2.2403.114, and 9.1.2312.208, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) through a file upload to the "$SPLUNK_HOME/var/run/splunk/apptemp" directory due to missing authorization checks.
Severity CVSS v4.0: Pending analysis
Last modification:
21/07/2025

CVE-2024-55965

Publication date:
26/03/2025
An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have access to development information of a workspace (specifically, a list of datasources in a workspace they're a member of). This information disclosure does not expose sensitive data in the datasources, such as database passwords and API Keys.
Severity CVSS v4.0: Pending analysis
Last modification:
08/07/2025

CVE-2025-31160

Publication date:
26/03/2025
atop through 2.11.0 allows local users to cause a denial of service (e.g., assertion failure and application exit) or possibly have unspecified other impact by running certain types of unprivileged processes while a different user runs atop.
Severity CVSS v4.0: Pending analysis
Last modification:
07/04/2025

CVE-2025-2787

Publication date:
26/03/2025
KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 (a.k.a. IngressNightmare) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.
Besides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub:
* 1.13.3 or above
* 1.12.4 or above
* 1.11.4 or above
* 1.10.4 or above
Severity CVSS v4.0: HIGH
Last modification:
08/10/2025

CVE-2025-26010

Publication date:
26/03/2025
Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the admin.cgi parameter with setUserNamePassword.
Severity CVSS v4.0: Pending analysis
Last modification:
01/04/2025

CVE-2025-26011

Publication date:
26/03/2025
Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setUsernamePassword.
Severity CVSS v4.0: Pending analysis
Last modification:
01/04/2025

CVE-2025-28361

Publication date:
26/03/2025
Unauthorized stack overflow vulnerability in Telesquare TLR-2005KSH v.1.1.4 allows a remote attacker to obtain sensitive information via the systemutil.cgi component.
Severity CVSS v4.0: Pending analysis
Last modification:
01/04/2025

CVE-2025-30073

Publication date:
26/03/2025
An issue was discovered in OPC cardsystems Webapp Aufwertung 2.1.0. The reference assigned to transactions can be reused. When completing a payment, the first or all transactions with the same reference are completed, depending on timing. This can be used to transfer more money onto employee cards than is paid.
Severity CVSS v4.0: Pending analysis
Last modification:
27/03/2025

CVE-2025-26008

Publication date:
26/03/2025
In Telesquare TLR-2005KSH 1.1.4, an unauthorized stack overflow vulnerability exists when requesting admin.cgi parameter with setSyncTimeHost.
Severity CVSS v4.0: Pending analysis
Last modification:
01/04/2025

CVE-2025-26009

Publication date:
26/03/2025
Telesquare TLR-2005KSH 1.1.4 has an Information Disclosure vulnerability when requesting systemutilit.cgi.
Severity CVSS v4.0: Pending analysis
Last modification:
01/04/2025

CVE-2024-55963

Publication date:
26/03/2025
An issue was discovered in Appsmith before 1.51. A user on Appsmith that doesn't have admin permissions can trigger the restart API on Appsmith, causing a server restart. This is still within the Appsmith container, and the impact is limited to Appsmith's own server only, but there is a denial of service because it can be continually restarted. This is due to incorrect access control checks, which should check for super user permissions on the incoming request.
Severity CVSS v4.0: Pending analysis
Last modification:
01/04/2025