The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.
For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.
Legal Disclaimer:
Here is where you can read the NVD legal disclaimer.
-
CVE-2024-21440 - Microsoft ODBC Driver Remote Code Execution Vulnerability
Published: March 12, 2024; 1:15:53 PM -0400 -
CVE-2024-21438 - Microsoft AllJoyn API Denial of Service Vulnerability
Published: March 12, 2024; 1:15:52 PM -0400 -
CVE-2024-21434 - Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability
Published: March 12, 2024; 1:15:52 PM -0400 -
CVE-2024-21451 - Microsoft ODBC Driver Remote Code Execution Vulnerability
Published: March 12, 2024; 1:15:54 PM -0400 -
CVE-2024-21450 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Published: March 12, 2024; 1:15:54 PM -0400 -
CVE-2024-21448 - Microsoft Teams for Android Information Disclosure Vulnerability
Published: March 12, 2024; 1:15:54 PM -0400 -
CVE-2024-21444 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Published: March 12, 2024; 1:15:53 PM -0400 -
CVE-2024-21441 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Published: March 12, 2024; 1:15:53 PM -0400 -
CVE-2024-26161 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Published: March 12, 2024; 1:15:55 PM -0400 -
CVE-2024-26159 - Microsoft ODBC Driver Remote Code Execution Vulnerability
Published: March 12, 2024; 1:15:54 PM -0400 -
CVE-2024-20791 - Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerabilit... read CVE-2024-20791
Published: May 16, 2024; 5:15:08 AM -0400 -
CVE-2023-42928 - The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.1 and iPadOS 17.1. An app may be able to gain elevated privileges.
Published: February 21, 2024; 2:15:50 AM -0500V3.1: 7.8 HIGH
-
CVE-2023-42835 - A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An attacker may be able to access user data.
Published: February 21, 2024; 2:15:48 AM -0500V3.1: 7.5 HIGH
-
CVE-2024-1703 - A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been classified as problematic. This affects the function openfile of the file /adminapi/system/file/openfile. The manipulation leads to absolute path traversal. The exploit has been d... read CVE-2024-1703
Published: February 21, 2024; 12:15:08 PM -0500V3.1: 5.3 MEDIUM
-
CVE-2024-1704 - A vulnerability was found in ZhongBangKeJi CRMEB 5.2.2. It has been declared as critical. This vulnerability affects the function save/delete of the file /adminapi/system/crud. The manipulation leads to path traversal. The exploit has been disclos... read CVE-2024-1704
Published: February 21, 2024; 1:15:50 PM -0500V3.1: 8.1 HIGH
-
CVE-2024-20767 - ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized... read CVE-2024-20767
Published: March 18, 2024; 8:15:06 AM -0400V3.1: 9.1 CRITICAL
-
CVE-2024-20745 - Premiere Pro versions 24.1, 23.6.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in tha... read CVE-2024-20745
Published: March 18, 2024; 11:15:41 AM -0400 -
CVE-2024-20746 - Premiere Pro versions 24.1, 23.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... read CVE-2024-20746
Published: March 18, 2024; 11:15:41 AM -0400 -
CVE-2024-20752 - Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ... read CVE-2024-20752
Published: March 18, 2024; 12:15:07 PM -0400 -
CVE-2024-20755 - Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a ... read CVE-2024-20755
Published: March 18, 2024; 12:15:07 PM -0400