U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.


The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity
  • CVE-2024-21440 - Microsoft ODBC Driver Remote Code Execution Vulnerability
    Published: March 12, 2024; 1:15:53 PM -0400

  • CVE-2024-21438 - Microsoft AllJoyn API Denial of Service Vulnerability
    Published: March 12, 2024; 1:15:52 PM -0400

  • CVE-2024-21434 - Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
    Published: March 12, 2024; 1:15:52 PM -0400

  • CVE-2024-21451 - Microsoft ODBC Driver Remote Code Execution Vulnerability
    Published: March 12, 2024; 1:15:54 PM -0400

  • CVE-2024-21450 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
    Published: March 12, 2024; 1:15:54 PM -0400

  • CVE-2024-21448 - Microsoft Teams for Android Information Disclosure Vulnerability
    Published: March 12, 2024; 1:15:54 PM -0400

  • CVE-2024-21444 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
    Published: March 12, 2024; 1:15:53 PM -0400

  • CVE-2024-21441 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
    Published: March 12, 2024; 1:15:53 PM -0400

  • CVE-2024-26161 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
    Published: March 12, 2024; 1:15:55 PM -0400

  • CVE-2024-26159 - Microsoft ODBC Driver Remote Code Execution Vulnerability
    Published: March 12, 2024; 1:15:54 PM -0400

  • CVE-2024-20791 - Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerabilit... read CVE-2024-20791
    Published: May 16, 2024; 5:15:08 AM -0400

  • CVE-2023-42928 - The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.1 and iPadOS 17.1. An app may be able to gain elevated privileges.
    Published: February 21, 2024; 2:15:50 AM -0500

    V3.1: 7.8 HIGH

  • CVE-2023-42835 - A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An attacker may be able to access user data.
    Published: February 21, 2024; 2:15:48 AM -0500

    V3.1: 7.5 HIGH

  • CVE-2024-1703 - A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been d... read CVE-2024-1703
    Published: February 21, 2024; 12:15:08 PM -0500

    V3.1: 5.3 MEDIUM

  • CVE-2024-1704 - A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been declared as critical. This vulnerability affects the function save/delete of the file /adminapi/system/crud. The manipulation leads to path traversal. The exploit has been disclos... read CVE-2024-1704
    Published: February 21, 2024; 1:15:50 PM -0500

    V3.1: 8.1 HIGH

  • CVE-2024-20767 - ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized... read CVE-2024-20767
    Published: March 18, 2024; 8:15:06 AM -0400

    V3.1: 9.1 CRITICAL

  • CVE-2024-20745 - Premiere Pro versions 24.1, 23.6.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in tha... read CVE-2024-20745
    Published: March 18, 2024; 11:15:41 AM -0400

  • CVE-2024-20746 - Premiere Pro versions 24.1, 23.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... read CVE-2024-20746
    Published: March 18, 2024; 11:15:41 AM -0400

  • CVE-2024-20752 - Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ... read CVE-2024-20752
    Published: March 18, 2024; 12:15:07 PM -0400

  • CVE-2024-20755 - Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a ... read CVE-2024-20755
    Published: March 18, 2024; 12:15:07 PM -0400

Created September 20, 2022 , Updated August 27, 2024