U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.


The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.

For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity
  • CVE-2021-30956 - A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker with physical access to a device may be able to see private co... read CVE-2021-30956
    Published: August 24, 2021; 3:15:21 PM -0400

    V3.1: 2.4 LOW
    V2.0: 2.1 LOW

  • CVE-2021-30962 - A memory initialization issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
    Published: August 24, 2021; 3:15:22 PM -0400

    V3.1: 5.5 MEDIUM
    V2.0: 4.3 MEDIUM

  • CVE-2021-30994 - An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs.
    Published: August 24, 2021; 3:15:24 PM -0400

    V3.1: 3.3 LOW
    V2.0: 4.3 MEDIUM

  • CVE-2022-29199 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LoadAndRemapMatrix does not fully validate the input arguments. This results in a `CHECK`-failure which... read CVE-2022-29199
    Published: May 20, 2022; 6:16:40 PM -0400

    V3.1: 5.5 MEDIUM
    V2.0: 2.1 LOW

  • CVE-2022-29198 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorToCSRSparseMatrix` does not fully validate the input arguments. This results in a `CHECK`-f... read CVE-2022-29198
    Published: May 20, 2022; 6:16:40 PM -0400

    V3.1: 5.5 MEDIUM
    V2.0: 2.1 LOW

  • CVE-2022-29197 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure whi... read CVE-2022-29197
    Published: May 20, 2022; 6:16:40 PM -0400

    V3.1: 5.5 MEDIUM
    V2.0: 2.1 LOW

  • CVE-2022-29196 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.Conv3DBackpropFilterV2` does not fully validate the input arguments. This results in a `CHECK`-failure ... read CVE-2022-29196
    Published: May 20, 2022; 6:16:40 PM -0400

    V3.1: 5.5 MEDIUM
    V2.0: 2.1 LOW

  • CVE-2022-29195 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.StagePeek` does not fully validate the input arguments. This results in a `CHECK`-failure which can be ... read CVE-2022-29195
    Published: May 20, 2022; 6:16:40 PM -0400

    V3.1: 5.5 MEDIUM
    V2.0: 2.1 LOW

  • CVE-2021-3922 - A race condition vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3 that could allow a local attacker to connect and interact with the IMController child process' named... read CVE-2021-3922
    Published: May 18, 2022; 12:15:07 PM -0400

    V3.1: 7.0 HIGH
    V2.0: 4.4 MEDIUM

  • CVE-2021-3969 - A Time of Check Time of Use (TOCTOU) vulnerability was reported in IMController, a software component of Lenovo System Interface Foundation, prior to version 1.1.20.3that could allow a local attacker to elevate privileges.
    Published: May 18, 2022; 12:15:08 PM -0400

    V3.1: 7.0 HIGH
    V2.0: 4.4 MEDIUM

  • CVE-2022-29193 - TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.TensorSummaryV2` does not fully validate the input arguments. This results in a `CHECK`-failure which c... read CVE-2022-29193
    Published: May 20, 2022; 6:16:40 PM -0400

    V3.1: 5.5 MEDIUM
    V2.0: 2.1 LOW

  • CVE-2022-29029 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer derefere... read CVE-2022-29029
    Published: May 20, 2022; 9:15:15 AM -0400

    V3.1: 5.5 MEDIUM
    V2.0: 4.3 MEDIUM

  • CVE-2022-29030 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Mono_Loader.dll library is vulnerable to integer ove... read CVE-2022-29030
    Published: May 20, 2022; 9:15:15 AM -0400

    V3.1: 5.5 MEDIUM
    V2.0: 4.3 MEDIUM

  • CVE-2022-29031 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer derefere... read CVE-2022-29031
    Published: May 20, 2022; 9:15:15 AM -0400

    V3.1: 5.5 MEDIUM
    V2.0: 4.3 MEDIUM

  • CVE-2022-29032 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library contains a double free v... read CVE-2022-29032
    Published: May 20, 2022; 9:15:15 AM -0400

    V3.1: 7.8 HIGH
    V2.0: 6.8 MEDIUM

  • CVE-2022-29033 - A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library is vulnerable to uniniti... read CVE-2022-29033
    Published: May 20, 2022; 9:15:15 AM -0400

    V3.1: 7.8 HIGH
    V2.0: 6.8 MEDIUM

  • CVE-2022-28965 - Multiple DLL hijacking vulnerabilities via the components instup.exe and wsc_proxy.exe in Avast Premium Security before v21.11.2500 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted DLL file.
    Published: May 19, 2022; 10:15:07 PM -0400

    V3.1: 6.5 MEDIUM
    V2.0: 4.4 MEDIUM

  • CVE-2022-24856 - FlyteConsole is the web user interface for the Flyte platform. FlyteConsole prior to version 0.52.0 is vulnerable to server-side request forgery (SSRF) when FlyteConsole is open to the general internet. An attacker can exploit any user of a vulner... read CVE-2022-24856
    Published: May 17, 2022; 12:15:09 PM -0400

    V3.1: 7.5 HIGH
    V2.0: 5.0 MEDIUM

  • CVE-2022-24108 - The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remote attacker to inject a serialized PHP object via the setting parameter, potentially resulting in the ability to write to files on the server, cause DoS, and achieve remote code ... read CVE-2022-24108
    Published: May 17, 2022; 12:15:09 PM -0400

    V3.1: 9.8 CRITICAL
    V2.0: 7.5 HIGH

  • CVE-2020-4994 - IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906.
    Published: May 17, 2022; 1:15:07 PM -0400

    V3.1: 7.5 HIGH
    V2.0: 5.0 MEDIUM