Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2021-47485
Publication date:
22/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields<br /> <br /> Overflowing either addrlimit or bytes_togo can allow userspace to trigger<br /> a buffer overflow of kernel memory. Check for overflows in all the places<br /> doing math on user controlled buffers.
Severity CVSS v4.0: Pending analysis
Last modification:
06/01/2025

CVE-2021-47486
Publication date:
22/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> riscv, bpf: Fix potential NULL dereference<br /> <br /> The bpf_jit_binary_free() function requires a non-NULL argument. When<br /> the RISC-V BPF JIT fails to converge in NR_JIT_ITERATIONS steps,<br /> jit_data-&gt;header will be NULL, which triggers a NULL<br /> dereference. Avoid this by checking the argument, prior calling the<br /> function.
Severity CVSS v4.0: Pending analysis
Last modification:
01/04/2025

CVE-2021-47487
Publication date:
22/05/2024
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity CVSS v4.0: Pending analysis
Last modification:
28/05/2024

CVE-2021-47488
Publication date:
22/05/2024
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity CVSS v4.0: Pending analysis
Last modification:
05/12/2024

CVE-2021-47490
Publication date:
22/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/ttm: fix memleak in ttm_transfered_destroy<br /> <br /> We need to cleanup the fences for ghost objects as well.<br /> <br /> Bug: https://bugzilla.kernel.org/show_bug.cgi?id=214029<br /> Bug: https://bugzilla.kernel.org/show_bug.cgi?id=214447
Severity CVSS v4.0: Pending analysis
Last modification:
24/01/2025

CVE-2021-47491
Publication date:
22/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> mm: khugepaged: skip huge page collapse for special files<br /> <br /> The read-only THP for filesystems will collapse THP for files opened<br /> readonly and mapped with VM_EXEC. The intended usecase is to avoid TLB<br /> misses for large text segments. But it doesn&amp;#39;t restrict the file types<br /> so a THP could be collapsed for a non-regular file, for example, block<br /> device, if it is opened readonly and mapped with EXEC permission. This<br /> may cause bugs, like [1] and [2].<br /> <br /> This is definitely not the intended usecase, so just collapse THP for<br /> regular files in order to close the attack surface.<br /> <br /> [shy828301@gmail.com: fix vm_file check [3]]
Severity CVSS v4.0: Pending analysis
Last modification:
29/09/2025

CVE-2021-47489
Publication date:
22/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/amdgpu: Fix even more out of bound writes from debugfs<br /> <br /> CVE-2021-42327 was fixed by:<br /> <br /> commit f23750b5b3d98653b31d4469592935ef6364ad67<br /> Author: Thelford Williams <br /> Date: Wed Oct 13 16:04:13 2021 -0400<br /> <br /> drm/amdgpu: fix out of bounds write<br /> <br /> but amdgpu_dm_debugfs.c contains more of the same issue so fix the<br /> remaining ones.<br /> <br /> v2:<br /> * Add missing fix in dp_max_bpc_write (Harry Wentland)
Severity CVSS v4.0: Pending analysis
Last modification:
18/11/2025

CVE-2021-47474
Publication date:
22/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> comedi: vmk80xx: fix bulk-buffer overflow<br /> <br /> The driver is using endpoint-sized buffers but must not assume that the<br /> tx and rx buffers are of equal size or a malicious device could overflow<br /> the slab-allocated receive buffer when doing bulk transfers.
Severity CVSS v4.0: Pending analysis
Last modification:
24/09/2025

CVE-2021-47475
Publication date:
22/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> comedi: vmk80xx: fix transfer-buffer overflows<br /> <br /> The driver uses endpoint-sized USB transfer buffers but up until<br /> recently had no sanity checks on the sizes.<br /> <br /> Commit e1f13c879a7c ("staging: comedi: check validity of wMaxPacketSize<br /> of usb endpoints found") inadvertently fixed NULL-pointer dereferences<br /> when accessing the transfer buffers in case a malicious device has a<br /> zero wMaxPacketSize.<br /> <br /> Make sure to allocate buffers large enough to handle also the other<br /> accesses that are done without a size check (e.g. byte 18 in<br /> vmk80xx_cnt_insn_read() for the VMK8061_MODEL) to avoid writing beyond<br /> the buffers, for example, when doing descriptor fuzzing.<br /> <br /> The original driver was for a low-speed device with 8-byte buffers.<br /> Support was later added for a device that uses bulk transfers and is<br /> presumably a full-speed device with a maximum 64-byte wMaxPacketSize.
Severity CVSS v4.0: Pending analysis
Last modification:
24/09/2025

CVE-2021-47476
Publication date:
22/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> comedi: ni_usb6501: fix NULL-deref in command paths<br /> <br /> The driver uses endpoint-sized USB transfer buffers but had no sanity<br /> checks on the sizes. This can lead to zero-size-pointer dereferences or<br /> overflowed transfer buffers in ni6501_port_command() and<br /> ni6501_counter_command() if a (malicious) device has smaller max-packet<br /> sizes than expected (or when doing descriptor fuzz testing).<br /> <br /> Add the missing sanity checks to probe().
Severity CVSS v4.0: Pending analysis
Last modification:
02/04/2025

CVE-2021-47477
Publication date:
22/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> comedi: dt9812: fix DMA buffers on stack<br /> <br /> USB transfer buffers are typically mapped for DMA and must not be<br /> allocated on the stack or transfers will fail.<br /> <br /> Allocate proper transfer buffers in the various command helpers and<br /> return an error on short transfers instead of acting on random stack<br /> data.<br /> <br /> Note that this also fixes a stack info leak on systems where DMA is not<br /> used as 32 bytes are always sent to the device regardless of how short<br /> the command is.
Severity CVSS v4.0: Pending analysis
Last modification:
24/09/2025

CVE-2021-47478
Publication date:
22/05/2024
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> isofs: Fix out of bound access for corrupted isofs image<br /> <br /> When isofs image is suitably corrupted isofs_read_inode() can read data<br /> beyond the end of buffer. Sanity-check the directory entry length before<br /> using it.
Severity CVSS v4.0: Pending analysis
Last modification:
02/04/2025
Subscribe to Vulnerabilities