U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.


The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity
  • CVE-2024-26098 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-26098
    Published: April 10, 2024; 5:15:10 AM -0400

  • CVE-2024-26097 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-26097
    Published: April 10, 2024; 5:15:09 AM -0400

  • CVE-2024-26087 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-26087
    Published: April 10, 2024; 5:15:09 AM -0400

  • CVE-2024-26084 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-26084
    Published: April 10, 2024; 5:15:09 AM -0400

  • CVE-2024-26079 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-26079
    Published: April 10, 2024; 5:15:08 AM -0400

  • CVE-2024-26076 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-26076
    Published: April 10, 2024; 5:15:08 AM -0400

  • CVE-2024-26047 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-26047
    Published: April 10, 2024; 5:15:08 AM -0400

  • CVE-2024-26046 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-26046
    Published: April 10, 2024; 5:15:08 AM -0400

  • CVE-2024-20780 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-20780
    Published: April 10, 2024; 5:15:07 AM -0400

  • CVE-2024-20779 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-20779
    Published: April 10, 2024; 5:15:07 AM -0400

  • CVE-2024-20778 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-20778
    Published: April 10, 2024; 5:15:07 AM -0400

  • CVE-2024-26125 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-26125
    Published: March 18, 2024; 2:15:19 PM -0400

  • CVE-2024-26124 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-26124
    Published: March 18, 2024; 2:15:19 PM -0400

  • CVE-2024-26120 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-26120
    Published: March 18, 2024; 2:15:19 PM -0400

  • CVE-2024-7392 - ChargePoint Home Flex Bluetooth Low Energy Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of ChargePoint Home Flex charging devices. Authentic... read CVE-2024-7392
    Published: November 22, 2024; 5:15:18 PM -0500

    V3.1: 6.5 MEDIUM

  • CVE-2024-26119 - Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauth... read CVE-2024-26119
    Published: March 18, 2024; 2:15:19 PM -0400

    V3.1: 9.8 CRITICAL

  • CVE-2024-8838 - PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to explo... read CVE-2024-8838
    Published: November 22, 2024; 4:15:22 PM -0500

    V3.1: 7.8 HIGH

  • CVE-2024-27323 - PDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is not... read CVE-2024-27323
    Published: April 01, 2024; 6:15:15 PM -0400

    V3.1: 7.5 HIGH

  • CVE-2024-7509 - Trimble SketchUp SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to ... read CVE-2024-7509
    Published: November 22, 2024; 5:15:18 PM -0500

    V3.1: 7.8 HIGH

  • CVE-2024-20768 - Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be execute... read CVE-2024-20768
    Published: March 18, 2024; 2:15:09 PM -0400

Created September 20, 2022 , Updated August 27, 2024