Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2023-52108

Publication date:
16/01/2024
Vulnerability of process priorities being raised in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability.
Severity CVSS v4.0: Pending analysis
Last modification:
02/06/2025

CVE-2023-52098

Publication date:
16/01/2024
Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this vulnerability will affect availability.
Severity CVSS v4.0: Pending analysis
Last modification:
11/06/2025

CVE-2023-52115

Publication date:
16/01/2024
The iaware module has a Use-After-Free (UAF) vulnerability. Successful exploitation of this vulnerability may affect the system functions.
Severity CVSS v4.0: Pending analysis
Last modification:
13/06/2025

CVE-2023-52112

Publication date:
16/01/2024
Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation of this vulnerability may cause features to perform abnormally.
Severity CVSS v4.0: Pending analysis
Last modification:
20/06/2025

CVE-2023-52113

Publication date:
16/01/2024
launchAnyWhere vulnerability in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability.
Severity CVSS v4.0: Pending analysis
Last modification:
20/06/2025

CVE-2023-44112

Publication date:
16/01/2024
Out-of-bounds access vulnerability in the device authentication module. Successful exploitation of this vulnerability may affect confidentiality.
Severity CVSS v4.0: Pending analysis
Last modification:
03/09/2024

CVE-2023-52109

Publication date:
16/01/2024
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.
Severity CVSS v4.0: Pending analysis
Last modification:
02/06/2025

CVE-2023-52111

Publication date:
16/01/2024
Authorization vulnerability in the BootLoader module. Successful exploitation of this vulnerability may affect service integrity.
Severity CVSS v4.0: Pending analysis
Last modification:
11/06/2025

CVE-2023-44117

Publication date:
16/01/2024
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.
Severity CVSS v4.0: Pending analysis
Last modification:
17/06/2025

CVE-2023-4566

Publication date:
16/01/2024
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.
Severity CVSS v4.0: Pending analysis
Last modification:
20/06/2025

CVE-2023-52110

Publication date:
16/01/2024
The sensor module has an out-of-bounds access vulnerability.Successful exploitation of this vulnerability may affect availability.
Severity CVSS v4.0: Pending analysis
Last modification:
20/06/2025

CVE-2011-10005

Publication date:
16/01/2024
A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unknown function of the component MKD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250716.
Severity CVSS v4.0: Pending analysis
Last modification:
21/11/2024