U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

NVD Dashboard

CVEs Received and Processed

CVEs Received and Processed

Please Wait

Time Period New CVEs Received by NVD New CVEs Analyzed by NVD Modified CVEs Received by NVD Modified CVEs Re-analyzed by NVD
Today {{data.count}}
This Week {{data.count}}
This Month {{data.count}}
Last Month {{data.count}}
This Year {{data.count}}

CVE Status Count

Please Wait

CVE Status Count

{{data.name}} {{data.count}}

CVSS Score Spread

Please Wait

CVSS V3 Score Distribution

Severity Number of Vulns
{{data.name}} {{data.count}}

CVSS V2 Score Distribution

Severity Number of Vulns
{{data.name}} {{data.count}}


For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity
  • CVE-2024-21346 - Win32k Elevation of Privilege Vulnerability
    Published: February 13, 2024; 1:15:50 PM -0500

    V3.1: 7.8 HIGH

  • CVE-2024-20679 - Azure Stack Hub Spoofing Vulnerability
    Published: February 13, 2024; 1:15:47 PM -0500

    V3.1: 6.5 MEDIUM

  • CVE-2024-20684 - Windows Hyper-V Denial of Service Vulnerability
    Published: February 13, 2024; 1:15:47 PM -0500

    V3.1: 6.5 MEDIUM

  • CVE-2024-20695 - Skype for Business Information Disclosure Vulnerability
    Published: February 13, 2024; 1:15:48 PM -0500

    V3.1: 5.7 MEDIUM

  • CVE-2024-21345 - Windows Kernel Elevation of Privilege Vulnerability
    Published: February 13, 2024; 1:15:50 PM -0500

    V3.1: 8.8 HIGH

  • CVE-2023-45716 - Sametime is impacted by sensitive information passed in URL.
    Published: February 09, 2024; 5:15:07 PM -0500

    V3.1: 4.1 MEDIUM

  • CVE-2023-52429 - dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.
    Published: February 11, 2024; 10:15:32 PM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-25739 - create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.
    Published: February 11, 2024; 10:15:32 PM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-25740 - A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.
    Published: February 11, 2024; 10:15:32 PM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-21410 - Microsoft Exchange Server Elevation of Privilege Vulnerability
    Published: February 13, 2024; 1:15:59 PM -0500

    V3.1: 9.8 CRITICAL

  • CVE-2024-23222 - A type confusion issue was addressed with improved checks. This issue is fixed in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3, visionOS 1.0.2. Proce... read CVE-2024-23222
    Published: January 22, 2024; 8:15:11 PM -0500

    V3.1: 8.8 HIGH

  • CVE-2024-21401 - Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability
    Published: February 13, 2024; 1:15:58 PM -0500

    V3.1: 9.8 CRITICAL

  • CVE-2024-21413 - Microsoft Outlook Remote Code Execution Vulnerability
    Published: February 13, 2024; 1:16:00 PM -0500

    V3.1: 9.8 CRITICAL

  • CVE-2023-4535 - An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device o... read CVE-2023-4535
    Published: November 06, 2023; 12:15:12 PM -0500

    V3.1: 3.8 LOW

  • CVE-2022-21476 - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition:... read CVE-2022-21476
    Published: April 19, 2022; 5:15:17 PM -0400

    V3.1: 7.5 HIGH
    V2.0: 5.0 MEDIUM

  • CVE-2023-44330 - Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in... read CVE-2023-44330
    Published: November 16, 2023; 10:15:08 AM -0500

    V3.1: 7.8 HIGH

  • CVE-2020-11935 - It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack.
    Published: April 06, 2023; 10:15:07 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2023-25840 - There is a Cross-site Scripting vulnerability in ArcGIS Server in versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link which onmouseover wont execute but could potentially render an image in the victims ... read CVE-2023-25840
    Published: July 21, 2023; 3:15:10 PM -0400

    V3.1: 3.4 LOW

  • CVE-2021-29093 - A use-after-free vulnerability when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account.
    Published: March 25, 2021; 5:15:13 PM -0400

    V3.1: 6.8 MEDIUM
    V2.0: 6.0 MEDIUM

  • CVE-2021-29095 - Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 (and earlier) allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the... read CVE-2021-29095
    Published: March 25, 2021; 5:15:13 PM -0400

    V3.1: 6.8 MEDIUM
    V2.0: 6.0 MEDIUM