Vulnerabilities

With the aim of informing, warning and helping professionals keep up with the latest security vulnerabilities in technology systems, we have made a database available to interested users. It is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 records, is based on the information from the NVD (National Vulnerability Database), which INCIBE translates into Spanish by virtue of a partnership agreement.

On occasion this list will show vulnerabilities that have not yet been translated, as entries are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) standard for information security vulnerability names is used with the aim of supporting the exchange of information between different tools and databases.

All collected vulnerabilities are linked to their information sources, as well as to the patches or solutions made available by manufacturers and developers. Advanced searches are possible, with criteria such as vulnerability type, manufacturer and impact level available to narrow down the results.

Through RSS feeds or newsletters you can be informed daily about the latest vulnerabilities added to the repository. Below is a list, updated daily, of the most recently added vulnerabilities.

CVE-2024-41091

Publication date:
29/07/2024
In the Linux kernel, the following vulnerability has been resolved:

tun: add missing verification for short frame

The cited commit missed to check against the validity of the frame length in the tun_xdp_one() path, which could cause a corrupted skb to be sent downstack. Even before the skb is transmitted, the tun_xdp_one-->eth_type_trans() may access the Ethernet header although it can be less than ETH_HLEN. Once transmitted, this could either cause out-of-bound access beyond the actual length, or confuse the underlayer with incorrect or inconsistent header length in the skb metadata.

In the alternative path, tun_get_user() already prohibits short frame which has the length less than Ethernet header size from being transmitted for IFF_TAP.

This is to drop any frame shorter than the Ethernet header size just like how tun_get_user() does.

CVE: CVE-2024-41091
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2024-41018

Publication date:
29/07/2024
In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Add a check for attr_names and oatbl

Added out-of-bound checking for *ane (ATTR_NAME_ENTRY).
Severity CVSS v4.0: Pending analysis
Last modification:
07/10/2025

CVE-2024-41015

Publication date:
29/07/2024
In the Linux kernel, the following vulnerability has been resolved:

ocfs2: add bounds checking to ocfs2_check_dir_entry()

This adds sanity checks for ocfs2_dir_entry to make sure all members of ocfs2_dir_entry don't stray beyond valid memory region.
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2024-41017

Publication date:
29/07/2024
In the Linux kernel, the following vulnerability has been resolved:

jfs: don't walk off the end of ealist

Add a check before visiting the members of ea to make sure each ea stays within the ealist.
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2024-41016

Publication date:
29/07/2024
In the Linux kernel, the following vulnerability has been resolved:

ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()

xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images.
Severity CVSS v4.0: Pending analysis
Last modification:
12/05/2026

CVE-2024-41013

Publication date:
29/07/2024
In the Linux kernel, the following vulnerability has been resolved:

xfs: don't walk off the end of a directory data block

This adds sanity checks for xfs_dir2_data_unused and xfs_dir2_data_entry to make sure don't stray beyond valid memory region. Before patching, the loop simply checks that the start offset of the dup and dep is within the range. So in a crafted image, if last entry is xfs_dir2_data_unused, we can change dup->length to dup->length-1 and leave 1 byte of space. In the next traversal, this space will be considered as dup or dep. We may encounter an out of bound read when accessing the fixed members.

In the patch, we make sure that the remaining bytes large enough to hold an unused entry before accessing xfs_dir2_data_unused and xfs_dir2_data_unused is XFS_DIR2_DATA_ALIGN byte aligned. We also make sure that the remaining bytes large enough to hold a dirent with a single-byte name before accessing xfs_dir2_data_entry.
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2024-41014

Publication date:
29/07/2024
In the Linux kernel, the following vulnerability has been resolved:

xfs: add bounds checking to xlog_recover_process_data

There is a lack of verification of the space occupied by fixed members of xlog_op_header in the xlog_recover_process_data.

We can create a crafted image to trigger an out of bounds read by following these steps:
1) Mount an image of xfs, and do some file operations to leave records
2) Before umounting, copy the image for subsequent steps to simulate abnormal exit. Because umount will ensure that tail_blk and head_blk are the same, which will result in the inability to enter xlog_recover_process_data
3) Write a tool to parse and modify the copied image in step 2
4) Make the end of the xlog_op_header entries only 1 byte away from xlog_rec_header->h_size
5) xlog_rec_header->h_num_logops++
6) Modify xlog_rec_header->h_crc

Fix:
Add a check to make sure there is sufficient space to access fixed members of xlog_op_header.
Severity CVSS v4.0: Pending analysis
Last modification:
03/11/2025

CVE-2024-7186

Publication date:
29/07/2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as critical. This affects the function setWiFiAclAddConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comment leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272607. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity CVSS v4.0: Pending analysis
Last modification:
23/08/2024

CVE-2024-4483

Publication date:
29/07/2024
The Email Encoder WordPress plugin before 2.2.2 does not escape the WP_Email_Encoder_Bundle_options[protection_text] parameter before outputting it back in an attribute in an admin page, leading to a Stored Cross-Site Scripting.
Severity CVSS v4.0: Pending analysis
Last modification:
29/05/2025

CVE-2024-5285

Publication date:
29/07/2024
The wp-affiliate-platform WordPress plugin before 6.5.2 does not have a CSRF check in place when deleting affiliates, which could allow attackers to make a logged-in user delete them via a CSRF attack.
Severity CVSS v4.0: Pending analysis
Last modification:
07/07/2025

CVE-2024-5882

Publication date:
29/07/2024
The Ultimate Classified Listings WordPress plugin before 1.3 does not validate the `ucl_page` and `layout` parameters, allowing unauthenticated users to access PHP files on the server from the listings page.
Severity CVSS v4.0: Pending analysis
Last modification:
10/04/2025

CVE-2024-5883

Publication date:
29/07/2024
The Ultimate Classified Listings WordPress plugin before 1.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin.
Severity CVSS v4.0: Pending analysis
Last modification:
10/04/2025