National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database



The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.
 
Last 20 Scored Vulnerability IDs & Summaries CVSS Severity
  • CVE-2018-3693 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
    Published: July 10, 2018; 05:29:01 PM -04:00

  • CVE-2018-13723 The mintToken function of a smart contract implementation for SERVVIZIOToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
    Published: July 09, 2018; 02:29:13 AM -04:00

  • CVE-2018-11707 FastStone Image Viewer 6.2 has a User Mode Read and Execute AV at 0x0057898e, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecifie... read CVE-2018-11707
    Published: June 19, 2018; 09:29:02 PM -04:00

  • CVE-2018-11706 FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578dd8, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other imp... read CVE-2018-11706
    Published: June 19, 2018; 09:29:02 PM -04:00

  • CVE-2018-11705 FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cc4, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other imp... read CVE-2018-11705
    Published: June 19, 2018; 09:29:02 PM -04:00

  • CVE-2018-11704 FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d7d, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other imp... read CVE-2018-11704
    Published: June 19, 2018; 09:29:02 PM -04:00

  • CVE-2018-11703 FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other imp... read CVE-2018-11703
    Published: June 19, 2018; 09:29:02 PM -04:00

  • CVE-2018-11702 FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cb3, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other imp... read CVE-2018-11702
    Published: June 19, 2018; 09:29:02 PM -04:00

  • CVE-2018-11701 FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (Access Violation) or possibly unspecified other imp... read CVE-2018-11701
    Published: June 19, 2018; 09:29:02 PM -04:00

  • CVE-2018-12525 An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /images/ provides a directory listing.
    Published: June 18, 2018; 07:29:00 AM -04:00

  • CVE-2018-12524 An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /lib/ provides a directory listing.
    Published: June 18, 2018; 07:29:00 AM -04:00

  • CVE-2018-12523 An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /etc/ provides a directory listing.
    Published: June 18, 2018; 07:29:00 AM -04:00

  • CVE-2018-12522 An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /style/ provides a directory listing.
    Published: June 18, 2018; 07:29:00 AM -04:00

  • CVE-2018-8225 A remote code execution vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Wind... read CVE-2018-8225
    Published: June 14, 2018; 08:29:01 AM -04:00

    V3: 8.1 HIGH
    V2: 9.3 HIGH

  • CVE-2018-8210 A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows... read CVE-2018-8210
    Published: June 14, 2018; 08:29:01 AM -04:00

    V3: 7.8 HIGH
    V2: 7.2 HIGH

  • CVE-2018-8207 An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 200... read CVE-2018-8207
    Published: June 14, 2018; 08:29:00 AM -04:00

  • CVE-2018-8205 A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Serve... read CVE-2018-8205
    Published: June 14, 2018; 08:29:00 AM -04:00

  • CVE-2018-8169 An elevation of privilege vulnerability exists when the (Human Interface Device) HID Parser Library driver improperly handles objects in memory, aka "HIDParser Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Win... read CVE-2018-8169
    Published: June 14, 2018; 08:29:00 AM -04:00

  • CVE-2018-1040 A denial of service vulnerability exists in the way that the Windows Code Integrity Module performs hashing, aka "Windows Code Integrity Module Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows... read CVE-2018-1040
    Published: June 14, 2018; 08:29:00 AM -04:00

  • CVE-2018-1036 An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1,... read CVE-2018-1036
    Published: June 14, 2018; 08:29:00 AM -04:00