NVD Dashboard
CVEs Received and Processed
Time Period | New CVEs Received by NVD | New CVEs Analyzed by NVD | Modified CVEs Received by NVD | Modified CVEs Re-analyzed by NVD |
---|---|---|---|---|
Today | {{data.count}} | |||
This Week | {{data.count}} | |||
This Month | {{data.count}} | |||
Last Month | {{data.count}} | |||
This Year | {{data.count}} |
CVE Status Count
{{data.name}} | {{data.count}} |
NVD Contains
CVE Vulnerabilities | 241948 |
Checklists | 783 |
US-CERT Alerts | 249 |
US-CERT Vuln Notes | 4486 |
OVAL Queries | 10286 |
CPE Names | 1262118 |
CVSS V3 Score Distribution
Severity | Number of Vulns |
---|---|
{{data.name}} | {{data.count}} |
CVSS V2 Score Distribution
Severity | Number of Vulns |
---|---|
{{data.name}} | {{data.count}} |
For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.
-
CVE-2023-6515 - Authorization Bypass Through User-Controlled Key vulnerability in Mia Technology Inc. M?A-MED allows Authentication Abuse.This issue affects M?A-MED: before 1.0.7.
Published: February 08, 2024; 5:15:11 AM -0500V3.1: 8.8 HIGH
-
CVE-2023-6517 - Exposure of Sensitive Information Due to Incompatible Policies vulnerability in Mia Technology Inc. M?A-MED allows Collect Data as Provided by Users.This issue affects M?A-MED: before 1.0.7.
Published: February 08, 2024; 7:15:55 AM -0500V3.1: 7.5 HIGH
-
CVE-2023-6518 - Plaintext Storage of a Password vulnerability in Mia Technology Inc. M?A-MED allows Read Sensitive Strings Within an Executable.This issue affects M?A-MED: before 1.0.7.
Published: February 08, 2024; 7:15:55 AM -0500V3.1: 7.5 HIGH
-
CVE-2023-6519 - Exposure of Data Element to Wrong Session vulnerability in Mia Technology Inc. M?A-MED allows Read Sensitive Strings Within an Executable.This issue affects M?A-MED: before 1.0.7.
Published: February 08, 2024; 7:15:55 AM -0500V3.1: 7.5 HIGH
-
CVE-2023-52448 - In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump Syzkaller has reported a NULL pointer dereference when accessing rgd->rd_rgl in gfs2_rgrp_dump(). This can happen wh... read CVE-2023-52448
Published: February 22, 2024; 12:15:08 PM -0500V3.1: 5.5 MEDIUM
-
CVE-2023-52449 - In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference when trying to acc... read CVE-2023-52449
Published: February 22, 2024; 12:15:08 PM -0500V3.1: 5.5 MEDIUM
-
CVE-2023-52450 - In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() Get logical socket id instead of physical id in discover_upi_topology() to avoid out-of-bound ac... read CVE-2023-52450
Published: February 22, 2024; 12:15:08 PM -0500V3.1: 5.5 MEDIUM
-
CVE-2023-52451 - In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array dlpar_memory_remove_by_index() may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match... read CVE-2023-52451
Published: February 22, 2024; 12:15:08 PM -0500V3.1: 7.8 HIGH
-
CVE-2023-52452 - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory (ever since 6715df8d5) but, before this patch, these acces... read CVE-2023-52452
Published: February 22, 2024; 12:15:08 PM -0500V3.1: 7.8 HIGH
-
CVE-2024-26586 - In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix stack corruption When tc filters are first added to a net device, the corresponding local port gets bound to an ACL group in the device. The group ... read CVE-2024-26586
Published: February 22, 2024; 12:15:08 PM -0500V3.1: 7.8 HIGH
-
CVE-2024-26587 - In the Linux kernel, the following vulnerability has been resolved: net: netdevsim: don't try to destroy PHC on VFs PHC gets initialized in nsim_init_netdevsim(), which is only called if (nsim_dev_port_is_pf()). Create a counterpart of nsim_ini... read CVE-2024-26587
Published: February 22, 2024; 12:15:08 PM -0500V3.1: 5.5 MEDIUM
-
CVE-2024-26588 - In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Prevent out-of-bounds memory access The test_tag test triggers an unhandled page fault: # ./test_tag [ 130.640218] CPU 0 Unable to handle kernel paging req... read CVE-2024-26588
Published: February 22, 2024; 12:15:08 PM -0500V3.1: 7.8 HIGH
-
CVE-2024-26589 - In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check_flow_keys_access() only uses fixed off for validation. However, variable offset ptr alu is not pr... read CVE-2024-26589
Published: February 22, 2024; 12:15:09 PM -0500V3.1: 7.8 HIGH
-
CVE-2024-26591 - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix re-attachment branch in bpf_tracing_prog_attach The following case can cause a crash due to missing attach_btf: 1) load rawtp program 2) load fentry program with rawtp... read CVE-2024-26591
Published: February 22, 2024; 12:15:09 PM -0500V3.1: 5.5 MEDIUM
-
CVE-2024-26590 - In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in th... read CVE-2024-26590
Published: February 22, 2024; 12:15:09 PM -0500V3.1: 5.5 MEDIUM
-
CVE-2023-42282 - The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.
Published: February 08, 2024; 12:15:10 PM -0500V3.1: 9.8 CRITICAL
-
CVE-2023-37605 - Weak Exception Handling vulnerability in baramundi software GmbH EMM Agent 23.1.50 and before allows an attacker to cause a denial of service via a crafted request to the password parameter.
Published: October 02, 2023; 3:15:10 PM -0400V3.1: 5.5 MEDIUM
-
CVE-2022-48541 - A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command.
Published: August 22, 2023; 3:16:31 PM -0400V3.1: 7.1 HIGH
-
CVE-2023-36554 - A improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, 6.2 all versions allows attacker to execute unauthorized code or commands via specially craf... read CVE-2023-36554
Published: March 12, 2024; 11:15:45 AM -0400V3.1: 9.8 CRITICAL
-
CVE-2023-42789 - A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker... read CVE-2023-42789
Published: March 12, 2024; 11:15:46 AM -0400V3.1: 9.8 CRITICAL