NVD - Home

<strong>JSON Vulnerability Feeds 1.0 Released!</strong>

JSON Feed 1.0 Released

CPE Ranges

Multiple different visualizations displaying word, CWE, CVSS score distribution and more!

Vulnerability Visualizations

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

CVE-2018-3077 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network acc... read CVE-2018-3077
Published: July 18, 2018; 09:29:08 AM -04:00

V3: 4.9 MEDIUM
V2: 4.0 MEDIUM
CVE-2018-3081 — Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows... read CVE-2018-3081
Published: July 18, 2018; 09:29:08 AM -04:00

V3: 5.0 MEDIUM
V2: 4.9 MEDIUM
CVE-2017-7059 — A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component.
Published: July 20, 2017; 12:29:02 PM -04:00

V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-7056 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv... read CVE-2017-7056
Published: July 20, 2017; 12:29:02 PM -04:00

V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-7055 — An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue inv... read CVE-2017-7055
Published: July 20, 2017; 12:29:02 PM -04:00

V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-2524 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "TextInput" component. It allows remote attac... read CVE-2017-2524
Published: May 22, 2017; 01:29:01 AM -04:00

V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-2523 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Foundation" component. It allows remote atta... read CVE-2017-2523
Published: May 22, 2017; 01:29:01 AM -04:00

V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-2522 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "CoreFoundation" component. It allows remote... read CVE-2017-2522
Published: May 22, 2017; 01:29:01 AM -04:00

V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-2521 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "WebKit" component. It allows remote attacker... read CVE-2017-2521
Published: May 22, 2017; 01:29:01 AM -04:00

V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-2520 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attacker... read CVE-2017-2520
Published: May 22, 2017; 01:29:01 AM -04:00

V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-2519 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attacker... read CVE-2017-2519
Published: May 22, 2017; 01:29:01 AM -04:00

V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-2518 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attacker... read CVE-2017-2518
Published: May 22, 2017; 01:29:01 AM -04:00

V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2017-2507 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to by... read CVE-2017-2507
Published: May 22, 2017; 01:29:00 AM -04:00

V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-2505 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cau... read CVE-2017-2505
Published: May 22, 2017; 01:29:00 AM -04:00

V3: 8.8 HIGH
V2: 6.8 MEDIUM
CVE-2017-2504 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS)... read CVE-2017-2504
Published: May 22, 2017; 01:29:00 AM -04:00

V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-2502 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "CoreAudio" component. It allows attackers to... read CVE-2017-2502
Published: May 22, 2017; 01:29:00 AM -04:00

V3: 5.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-2501 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "Kernel" component. A race condition allows a... read CVE-2017-2501
Published: May 22, 2017; 01:29:00 AM -04:00

V3: 7.0 HIGH
V2: 7.6 HIGH
CVE-2017-2499 — An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit Web Inspector" component. It allows attackers to execute arbitrary unsi... read CVE-2017-2499
Published: May 22, 2017; 01:29:00 AM -04:00

V3: 7.8 HIGH
V2: 6.8 MEDIUM
CVE-2018-19515 — In Webgalamb through 7.0, system/ajax.php functionality is supposed to be available only to the administrator. However, by using one of the bgsend, atment_sddd1xGz, or xls_bgimport query parameters, most of these methods become available to unauthent... read CVE-2018-19515
Published: March 21, 2019; 12:00:31 PM -04:00

V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2018-19514 — In Webgalamb through 7.0, an arbitrary code execution vulnerability could be exploited remotely without authentication. Exploitation requires authentication bypass to access administrative functions of the site to upload a crafted CSV file with a mal... read CVE-2018-19514
Published: March 21, 2019; 12:00:31 PM -04:00

V3: 9.8 CRITICAL
V2: 7.5 HIGH

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database