NVD

Icon for New NVD Communications and Status Updates Page

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Legal Disclaimer:

Here is where you can read the NVD legal disclaimer.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

CVE-2020-37103 - DotNetNuke 9.5 contains a persistent cross-site scripting vulnerability that allows normal users to upload malicious XML files with executable scripts through journal tools. Attackers can upload XML files with XHTML namespace scripts to execute ar... read CVE-2020-37103
Published: February 03, 2026; 1:16:10 PM -0500

V3.1: 5.4 MEDIUM
CVE-2020-37137 - PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'add_panel_form()' function that allows attackers to execute arbitrary code through an eval() function with unsanitized POST data. Attackers can exploit the vulnerability by ... read CVE-2020-37137
Published: February 05, 2026; 12:16:09 PM -0500

V3.1: 9.8 CRITICAL
CVE-2020-37152 - PHP-Fusion 9.03.50 panels.php is vulnerable to cross-site scripting (XSS) via the 'panel_content' POST parameter. The application fails to properly sanitize user input before rendering it in the browser, allowing attackers to inject arbitrary Java... read CVE-2020-37152
Published: February 05, 2026; 12:16:10 PM -0500

V3.1: 6.1 MEDIUM
CVE-2020-37133 - UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host proper... read CVE-2020-37133
Published: February 05, 2026; 12:16:08 PM -0500

V3.1: 7.5 HIGH
CVE-2020-37132 - UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its password configuration properties that allows local attackers to crash the application. Attackers can paste an overly long 300-character string into the password field to ... read CVE-2020-37132
Published: February 05, 2026; 12:16:08 PM -0500

V3.1: 5.5 MEDIUM
CVE-2020-37130 - Nsauditor 3.2.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can create a malicious payload of 1000 bytes of repeated characters to trigger an applicati... read CVE-2020-37130
Published: February 05, 2026; 12:16:08 PM -0500

V3.1: 7.5 HIGH
CVE-2020-37119 - Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite... read CVE-2020-37119
Published: February 05, 2026; 12:16:06 PM -0500

V3.1: 9.8 CRITICAL
CVE-2023-53533 - In the Linux kernel, the following vulnerability has been resolved: Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe rpi_firmware_get() take reference, we need to release it in error paths as well. Use devm_rpi_firmware_get() helper to ... read CVE-2023-53533
Published: October 04, 2025; 12:15:48 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-53534 - In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc As the devm_kcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference.
Published: October 04, 2025; 12:15:48 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-53535 - In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Add a check for oversized packets Occasionnaly we may get oversized packets from the hardware which exceed the nomimal 2KiB buffer size we allocate SKBs with. Add... read CVE-2023-53535
Published: October 04, 2025; 12:15:48 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-53536 - In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blk_crypto_evict_key() more robust If blk_crypto_evict_key() sees that the key is still in-use (due to a bug) or that ->keyslot_evict failed, it currently just ... read CVE-2023-53536
Published: October 04, 2025; 12:15:48 PM -0400

V3.1: 7.8 HIGH
CVE-2023-53537 - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-free for cached IPU bio xfstest generic/019 reports a bug: kernel BUG at mm/filemap.c:1619! RIP: 0010:folio_end_writeback+0x8a/0x90 Call Trace: en... read CVE-2023-53537
Published: October 04, 2025; 12:15:48 PM -0400

V3.1: 7.8 HIGH
CVE-2023-53538 - In the Linux kernel, the following vulnerability has been resolved: btrfs: insert tree mod log move in push_node_left There is a fairly unlikely race condition in tree mod log rewind that can result in a kernel panic which has the following trac... read CVE-2023-53538
Published: October 04, 2025; 12:15:48 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-53539 - In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix incomplete state save in rxe_requester If a send packet is dropped by the IP layer in rxe_requester() the call to rxe_xmit_packet() can fail with err == -EAGAIN. T... read CVE-2023-53539
Published: October 04, 2025; 12:15:48 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-53540 - In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: reject auth/assoc to AP with our address If the AP uses our own address as its MLD address or BSSID, then clearly something's wrong. Reject such connections so w... read CVE-2023-53540
Published: October 04, 2025; 12:15:49 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-53541 - In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write When the oob buffer length is not in multiple of words, the oob write function does out-of-bounds read on... read CVE-2023-53541
Published: October 04, 2025; 12:15:49 PM -0400

V3.1: 7.8 HIGH
CVE-2023-53542 - In the Linux kernel, the following vulnerability has been resolved: ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy For some reason, the driver adding support for Exynos5420 MIPI phy back in 2016 wasn't used on Exynos5420, whi... read CVE-2023-53542
Published: October 04, 2025; 12:15:49 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-53588 - In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check for station first in client probe When probing a client, first check if we have it, and then check for the channel context, otherwise you can trigger the w... read CVE-2023-53588
Published: October 04, 2025; 12:15:55 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-53589 - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't trust firmware n_channels If the firmware sends us a corrupted MCC response with n_channels much larger than the command response can be, we might copy... read CVE-2023-53589
Published: October 04, 2025; 12:15:55 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-53590 - In the Linux kernel, the following vulnerability has been resolved: sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop With this refcnt added in sctp_stream_priorities, we don't need to traverse all streams to check if the prio ... read CVE-2023-53590
Published: October 04, 2025; 12:15:55 PM -0400

V3.1: 5.5 MEDIUM

Created September 20, 2022 , Updated August 27, 2024

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

Legal Disclaimer: