NVD

New NVD CVE/CPE API and Legacy SOAP Service Retirement!

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.

For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

CVE-2021-30956 - A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker with physical access to a device may be able to see private co... read CVE-2021-30956
Published: August 24, 2021; 3:15:21 PM -0400

V3.1: 2.4 LOW
V2.0: 2.1 LOW
CVE-2021-30962 - A memory initialization issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
Published: August 24, 2021; 3:15:22 PM -0400

V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2021-30994 - An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs.
Published: August 24, 2021; 3:15:24 PM -0400

V3.1: 3.3 LOW
V2.0: 4.3 MEDIUM
CVE-2022-29199 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LoadAndRemapMatrix does not fully validate the input arguments. This results in a `CHECK`-failure which... read CVE-2022-29199
Published: May 20, 2022; 6:16:40 PM -0400

V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2022-29198 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorToCSRSparseMatrix` does not fully validate the input arguments. This results in a `CHECK`-f... read CVE-2022-29198
Published: May 20, 2022; 6:16:40 PM -0400

V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2022-29197 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure whi... read CVE-2022-29197
Published: May 20, 2022; 6:16:40 PM -0400

V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2022-29196 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.Conv3DBackpropFilterV2` does not fully validate the input arguments. This results in a `CHECK`-failure ... read CVE-2022-29196
Published: May 20, 2022; 6:16:40 PM -0400

V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2022-29195 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.StagePeek` does not fully validate the input arguments. This results in a `CHECK`-failure which can be ... read CVE-2022-29195
Published: May 20, 2022; 6:16:40 PM -0400

V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-3922 - A race condition vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to connect and interact with the IMController child process' named... read CVE-2021-3922
Published: May 18, 2022; 12:15:07 PM -0400

V3.1: 7.0 HIGH
V2.0: 4.4 MEDIUM
CVE-2021-3969 - A Time of Check Time of Use (TOCTOU) vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3that could allow a local attacker to elevate privileges.
Published: May 18, 2022; 12:15:08 PM -0400

V3.1: 7.0 HIGH
V2.0: 4.4 MEDIUM
CVE-2022-29193 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.TensorSummaryV2` does not fully validate the input arguments. This results in a `CHECK`-failure which c... read CVE-2022-29193
Published: May 20, 2022; 6:16:40 PM -0400

V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2022-29029 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer derefere... read CVE-2022-29029
Published: May 20, 2022; 9:15:15 AM -0400

V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2022-29030 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Mono_Loader.dll library is vulnerable to integer ove... read CVE-2022-29030
Published: May 20, 2022; 9:15:15 AM -0400

V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2022-29031 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer derefere... read CVE-2022-29031
Published: May 20, 2022; 9:15:15 AM -0400

V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2022-29032 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library contains a double free v... read CVE-2022-29032
Published: May 20, 2022; 9:15:15 AM -0400

V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2022-29033 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library is vulnerable to uniniti... read CVE-2022-29033
Published: May 20, 2022; 9:15:15 AM -0400

V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2022-28965 - Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file.
Published: May 19, 2022; 10:15:07 PM -0400

V3.1: 6.5 MEDIUM
V2.0: 4.4 MEDIUM
CVE-2022-24856 - FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery (SSRF) when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulner... read CVE-2022-24856
Published: May 17, 2022; 12:15:09 PM -0400

V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2022-24108 - The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remote attacker to inject a serialized PHP object via the setting parameter, potentially resulting in the ability to write to files on the server, cause DoS, and achieve remote code ... read CVE-2022-24108
Published: May 17, 2022; 12:15:09 PM -0400

V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-4994 - IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906.
Published: May 17, 2022; 1:15:07 PM -0400

V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database