Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2024-3109

Publication date:

03/05/2024

A hard-coded AES key vulnerability was reported in the Motorola GuideMe application, along with a lack of URI sanitation, could allow for a local attacker to read arbitrary files.

Severity CVSS v4.0: Pending analysis

Last modification:

03/05/2024

CVE-2023-41826

Publication date:

03/05/2024

A PendingIntent hijacking vulnerability in Motorola Device Help (Genie) application that could allow local attackers to access files or interact with non-exported software components without permission.

Severity CVSS v4.0: Pending analysis

Last modification:

03/05/2024

CVE-2023-41828

Publication date:

03/05/2024

An implicit intent export vulnerability was reported in the Motorola Phone application, that could allow unauthorized access to a non-exported content provider.

Severity CVSS v4.0: Pending analysis

Last modification:

03/05/2024

CVE-2023-41830

Publication date:

03/05/2024

An improper absolute path traversal vulnerability was reported for the Ready For application allowing a local application access to files without authorization.

Severity CVSS v4.0: Pending analysis

Last modification:

03/05/2024

CVE-2023-6363

Publication date:

03/05/2024

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r41p0 through r47p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.

Severity CVSS v4.0: Pending analysis

Last modification:

27/03/2025

CVE-2024-1067

Publication date:

03/05/2024

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the Linux Kernel and Mali GPU kernel driver configurations that would allow the GPU operations to affect the userspace memory of other processes. This issue affects Bifrost GPU Kernel Driver: from r41p0 through r47p0; Valhall GPU Kernel Driver: from r41p0 through r47p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.

Severity CVSS v4.0: Pending analysis

Last modification:

28/03/2025

CVE-2024-1395

Publication date:

03/05/2024

Use After Free vulnerability in Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory. This issue affects Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r47p0.

Severity CVSS v4.0: Pending analysis

Last modification:

27/03/2025

CVE-2024-3108

Publication date:

03/05/2024

An implicit intent vulnerability was reported for Motorola’s Time Weather Widget application that could allow a local application to acquire the location of the device without authorization.

Severity CVSS v4.0: Pending analysis

Last modification:

03/05/2024

CVE-2023-41821

Publication date:

03/05/2024

A an improper export vulnerability was reported in the Motorola Setup application that could allow a local attacker to read sensitive user information.

Severity CVSS v4.0: Pending analysis

Last modification:

03/05/2024

CVE-2023-41822

Publication date:

03/05/2024

An improper export vulnerability was reported in the Motorola Interface Test Tool application that could allow a malicious local application to execute OS commands.

Severity CVSS v4.0: Pending analysis

Last modification:

03/05/2024

CVE-2023-41823

Publication date:

03/05/2024

An improper export vulnerability was reported in the Motorola Phone Extension application, that could allow a local attacker to execute unauthorized Activities.

Severity CVSS v4.0: Pending analysis

Last modification:

03/05/2024

CVE-2023-41824

Publication date:

03/05/2024

An implicit intent vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read the calling phone number and calling data.

Severity CVSS v4.0: Pending analysis

Last modification:

03/05/2024

Subscribe to Vulnerabilities