Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2025-20154
Publication date:
07/05/2025
A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. For Cisco IOS XR Software, this vulnerability could cause the ipsla_ippm_server&amp;nbsp;process to reload unexpectedly if debugs are enabled.<br /> <br /> This vulnerability is due to out-of-bounds array access when processing specially crafted TWAMP control packets. An attacker could exploit this vulnerability by sending crafted TWAMP control packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.<br /> Note: For Cisco IOS XR Software, only the ipsla_ippm_server process reloads unexpectedly and only when debugs are enabled. The vulnerability details for Cisco IOS XR Software are as follows:&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;Security Impact Rating (SIR): Low&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;CVSS Base Score: 3.7&amp;nbsp;&amp;nbsp;&amp;nbsp;&amp;nbsp;CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Severity CVSS v4.0: Pending analysis
Last modification:
31/07/2025

CVE-2025-20155
Publication date:
07/05/2025
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system.<br /> <br /> This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is first deployed in SD-WAN mode or when an administrator configures SD-Routing on the device. An attacker could exploit this vulnerability by modifying a bootstrap file generated by Cisco Catalyst SD-WAN Manager, loading it into the device flash, and then either reloading the device in a green field deployment in SD-WAN mode or configuring the device with SD-Routing. A successful exploit could allow the attacker to perform arbitrary file writes to the underlying operating system.
Severity CVSS v4.0: Pending analysis
Last modification:
31/07/2025

CVE-2025-20157
Publication date:
07/05/2025
A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to gain access to sensitive information.<br /> <br /> This vulnerability is due to improper validation of certificates that are used by the Smart Licensing feature. An attacker with a privileged network position could exploit this vulnerability by intercepting traffic that is sent over the Internet. A successful exploit could allow the attacker to gain access to sensitive information, including credentials used by the device to connect to Cisco cloud services.
Severity CVSS v4.0: Pending analysis
Last modification:
04/08/2025

CVE-2025-20162
Publication date:
07/05/2025
A vulnerability in the DHCP snooping security feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a full interface queue wedge, which could result in a denial of service (DoS) condition.<br /> <br /> This vulnerability is due to improper handling of DHCP request packets. An attacker could exploit this vulnerability by sending DHCP request packets to an affected device. A successful exploit could allow the attacker to cause packets to wedge in the queue, creating a DoS condition for downstream devices of the affected system and requiring that the system restart to drain the queue.<br /> <br /> Note: This vulnerability can be exploited with either unicast or broadcast DHCP packets on a VLAN that does not have DHCP snooping enabled.
Severity CVSS v4.0: Pending analysis
Last modification:
11/07/2025

CVE-2025-20122
Publication date:
07/05/2025
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying operating system.<br /> <br /> This vulnerability is due to insufficient input validation. An authenticated attacker with read-only privileges on the SD-WAN Manager system could exploit this vulnerability by sending a crafted request to the CLI of the SD-WAN Manager. A successful exploit could allow the attacker to gain root privileges on the underlying operating system.
Severity CVSS v4.0: Pending analysis
Last modification:
31/07/2025

CVE-2025-20137
Publication date:
07/05/2025
A vulnerability in the access control list (ACL) programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL.<br /> <br /> This vulnerability is due to the use of both an IPv4 ACL and a dynamic ACL of IP Source Guard on the same interface, which is an unsupported configuration. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.<br /> <br /> Note: Cisco documentation has been updated to reflect that this is an unsupported configuration. However, Cisco is publishing this advisory because the device will not prevent an administrator from configuring both features on the same interface. There are no plans to implement the ability to configure both features on the same interface on Cisco Catalyst 1000 or Catalyst 2960L Switches.
Severity CVSS v4.0: Pending analysis
Last modification:
05/08/2025

CVE-2025-20140
Publication date:
07/05/2025
A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent wireless attacker to cause a denial of service (DoS) condition.<br /> <br /> This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of IPv6 network requests from an associated wireless IPv6 client to an affected device. To associate a client to a device, an attacker may first need to authenticate to the network, or associate freely in the case of a configured open network. A successful exploit could allow the attacker to cause the wncd process to consume available memory and eventually cause the device to stop responding, resulting in a DoS condition.
Severity CVSS v4.0: Pending analysis
Last modification:
31/07/2025

CVE-2025-20147
Publication date:
07/05/2025
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a stored cross-site scripting attack (XSS) on an affected system.&amp;nbsp;<br /> <br /> This vulnerability is due to improper sanitization of user input to the web-based management interface. An attacker could exploit this vulnerability by submitting a malicious script through the interface. A successful exploit could allow the attacker to conduct a stored XSS attack on the affected system.
Severity CVSS v4.0: Pending analysis
Last modification:
31/07/2025

CVE-2025-46551
Publication date:
07/05/2025
JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library. Starting in JRuby-OpenSSL version 0.12.1 and prior to version 0.15.4 (corresponding to JRuby versions starting in 9.3.4.0 prior to 9.4.12.1 and 10.0.0.0 prior to 10.0.0.1), when verifying SSL certificates, JRuby-OpenSSL does not verify that the hostname presented in the certificate matches the one the user tries to connect to. This means a man-in-the-middle could just present any valid cert for a completely different domain they own, and JRuby would accept the cert. Anybody using JRuby to make requests of external APIs, or scraping the web, that depends on https to connect securely. JRuby-OpenSSL version 0.15.4 contains a fix for the issue. This fix is included in JRuby versions 10.0.0.1 and 9.4.12.1.
Severity CVSS v4.0: MEDIUM
Last modification:
21/10/2025

CVE-2025-46827
Publication date:
07/05/2025
Graylog is a free and open log management platform. Prior to versions 6.0.14, 6.1.10, and 6.2.0, it is possible to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation Step field. For this attack to succeed, the attacker needs a user account with permissions to create event definitions, while the user must have permissions to view alerts. Additionally, an active Input must be present on the Graylog server that is capable of receiving form data (e.g. a HTTP input, TCP raw or syslog etc). Versions 6.0.14, 6.1.10, and 6.2.0 fix the issue. No known workarounds are available, as long as the relatively rare prerequisites are met.
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2024-47619
Publication date:
07/05/2025
syslog-ng is an enhanced log daemo. Prior to version 4.8.2, `tls_wildcard_match()` matches on certificates such as `foo.*.bar` although that is not allowed. It is also possible to pass partial wildcards such as `foo.a*c.bar` which glib matches but should be avoided / invalidated. This issue could have an impact on TLS connections, such as in man-in-the-middle situations. Version 4.8.2 contains a fix for the issue.
Severity CVSS v4.0: Pending analysis
Last modification:
22/09/2025

CVE-2025-47692
Publication date:
07/05/2025
Missing Authorization vulnerability in contentstudio Contentstudio contentstudio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contentstudio: from n/a through
Severity CVSS v4.0: Pending analysis
Last modification:
01/04/2026
Subscribe to Vulnerabilities