National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

<strong>BETA JSON Vulnerability Feeds Now Available!</strong>
New Data Feeds
Vulnerable Product Configurations Improved!
CPE Ranges
Multiple different visualizations displaying word, CWE, CVSS score distribution and more!
Vulnerability Visualizations


The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.
 
Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

  • CVE-2016-10501 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9635M, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, S... read CVE-2016-10501
    Published: April 18, 2018; 10:29:14 AM -04:00

    V3: 9.8 CRITICAL
     V2: 10.0 HIGH

  • CVE-2016-10499 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425... read CVE-2016-10499
    Published: April 18, 2018; 10:29:14 AM -04:00

    V3: 7.5 HIGH
     V2: 7.8 HIGH

  • CVE-2016-10498 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, MDM9645, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/... read CVE-2016-10498
    Published: April 18, 2018; 10:29:14 AM -04:00

    V3: 9.8 CRITICAL
     V2: 10.0 HIGH

  • CVE-2016-10497 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425... read CVE-2016-10497
    Published: April 18, 2018; 10:29:14 AM -04:00

    V3: 7.5 HIGH
     V2: 7.8 HIGH

  • CVE-2016-10495 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, made changes to map the scan type value to an index value that is in range.
    Published: April 18, 2018; 10:29:13 AM -04:00

    V3: 9.8 CRITICAL
     V2: 10.0 HIGH

  • CVE-2016-10494 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 4... read CVE-2016-10494
    Published: April 18, 2018; 10:29:13 AM -04:00

    V3: 9.8 CRITICAL
     V2: 10.0 HIGH

  • CVE-2016-10490 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD... read CVE-2016-10490
    Published: April 18, 2018; 10:29:13 AM -04:00

    V3: 9.8 CRITICAL
     V2: 10.0 HIGH

  • CVE-2016-10489 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, lack of address argument validation in qsee_get_tz_app_name() may lead to an untrusted pointer dereference.
    Published: April 18, 2018; 10:29:13 AM -04:00

    V3: 9.8 CRITICAL
     V2: 10.0 HIGH

  • CVE-2016-10455 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425... read CVE-2016-10455
    Published: April 18, 2018; 10:29:12 AM -04:00

    V3: 7.5 HIGH
     V2: 7.8 HIGH

  • CVE-2016-10448 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425... read CVE-2016-10448
    Published: April 18, 2018; 10:29:11 AM -04:00

    V3: 9.8 CRITICAL
     V2: 7.5 HIGH

  • CVE-2016-10427 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425... read CVE-2016-10427
    Published: April 18, 2018; 10:29:10 AM -04:00

    V3: 7.5 HIGH
     V2: 7.8 HIGH

  • CVE-2016-10421 In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425... read CVE-2016-10421
    Published: April 18, 2018; 10:29:10 AM -04:00

    V3: 9.8 CRITICAL
     V2: 10.0 HIGH

  • CVE-2016-10414 In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W... read CVE-2016-10414
    Published: April 18, 2018; 10:29:10 AM -04:00

    V3: 9.8 CRITICAL
     V2: 10.0 HIGH

  • CVE-2018-5342 An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: network services (Desktop Central and PostgreSQL) running with a superuser account.
    Published: April 18, 2018; 04:29:00 AM -04:00

    V3: 7.2 HIGH
     V2: 6.5 MEDIUM

  • CVE-2018-5341 An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: a missing server-side check on the file type/extension when uploading and modifying scripts.
    Published: April 18, 2018; 04:29:00 AM -04:00

    V3: 9.8 CRITICAL
     V2: 7.5 HIGH

  • CVE-2018-5340 An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: database access using a superuser account (specifically, an account with permission to write to the filesystem via SQL queries).
    Published: April 18, 2018; 04:29:00 AM -04:00

    V3: 7.2 HIGH
     V2: 6.5 MEDIUM

  • CVE-2018-5339 An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: insufficient enforcement of database query type restrictions.
    Published: April 18, 2018; 04:29:00 AM -04:00

    V3: 9.8 CRITICAL
     V2: 7.5 HIGH

  • CVE-2018-5338 An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing authentication/authorization for a database query mechanism.
    Published: April 18, 2018; 04:29:00 AM -04:00

    V3: 9.8 CRITICAL
     V2: 7.5 HIGH

  • CVE-2018-5337 An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: directory traversal in the SCRIPT_NAME field when modifying existing scripts.
    Published: April 18, 2018; 04:29:00 AM -04:00

    V3: 9.1 CRITICAL
     V2: 6.4 MEDIUM

  • CVE-2018-10086 CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary code execution vulnerability in the admin dashboard because the implementation uses "eval('function testfunction'.rand()" and it is possible to bypass certain restrictions on these "testfunc... read CVE-2018-10086
    Published: April 13, 2018; 01:29:00 AM -04:00

    V3: 7.2 HIGH
     V2: 6.5 MEDIUM