Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2023-33040
Publication date:
02/01/2024
Transient DOS in Data Modem during DTLS handshake.
Severity CVSS v4.0: Pending analysis
Last modification:
12/04/2024

CVE-2023-33062
Publication date:
02/01/2024
Transient DOS in WLAN Firmware while parsing a BTM request.
Severity CVSS v4.0: Pending analysis
Last modification:
11/08/2025

CVE-2023-33085
Publication date:
02/01/2024
Memory corruption in wearables while processing data from AON.
Severity CVSS v4.0: Pending analysis
Last modification:
11/08/2025

CVE-2023-33037
Publication date:
02/01/2024
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data.
Severity CVSS v4.0: Pending analysis
Last modification:
12/04/2024

CVE-2023-33030
Publication date:
02/01/2024
Memory corruption in HLOS while running playready use-case.
Severity CVSS v4.0: Pending analysis
Last modification:
12/04/2024

CVE-2023-33032
Publication date:
02/01/2024
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.
Severity CVSS v4.0: Pending analysis
Last modification:
12/04/2024

CVE-2023-33033
Publication date:
02/01/2024
Memory corruption in Audio during playback with speaker protection.
Severity CVSS v4.0: Pending analysis
Last modification:
12/04/2024

CVE-2023-33036
Publication date:
02/01/2024
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call.
Severity CVSS v4.0: Pending analysis
Last modification:
12/04/2024

CVE-2023-28583
Publication date:
02/01/2024
Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address.
Severity CVSS v4.0: Pending analysis
Last modification:
12/04/2024

CVE-2023-33014
Publication date:
02/01/2024
Information disclosure in Core services while processing a Diag command.
Severity CVSS v4.0: Pending analysis
Last modification:
12/04/2024

CVE-2023-33025
Publication date:
02/01/2024
Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call.
Severity CVSS v4.0: Pending analysis
Last modification:
12/04/2024

CVE-2023-26157
Publication date:
02/01/2024
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c.
Severity CVSS v4.0: Pending analysis
Last modification:
08/01/2024
Subscribe to Vulnerabilities