National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

NVD Dashboard

CVEs Received and Processed

CVEs Received and Processed

Please Wait

Time Period New CVEs Received by NVD New CVEs Analyzed by NVD Modified CVEs Received by NVD Modified CVEs Re-analyzed by NVD
Today {{data.count}}
This Week {{data.count}}
This Month {{data.count}}
Last Month {{data.count}}
This Year {{data.count}}

CVE Status Count

Please Wait

CVE Status Count

{{data.name}} {{data.count}}

CVSS Score Spread

Please Wait

CVSS V3 Score Distribution

Severity Number of Vulns
{{data.name}} {{data.count}}

CVSS V2 Score Distribution

Severity Number of Vulns
{{data.name}} {{data.count}}
Last 20 Scored Vulnerability IDs & Summaries CVSS Severity
  • CVE-2012-1326 — Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks
    Published: January 15, 2020; 09:15:11 AM -05:00

    V3.1: 7.4 HIGH
        V2: 5.8 MEDIUM

  • CVE-2012-1316 — Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks
    Published: January 15, 2020; 09:15:11 AM -05:00

    V3.1: 5.9 MEDIUM
        V2: 4.3 MEDIUM

  • CVE-2015-7874 — Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p and earlier allows remote attackers to execute arbitrary code via a long nickname.
    Published: January 15, 2020; 11:15:12 AM -05:00

    V3.1: 9.8 CRITICAL
        V2: 10.0 HIGH

  • CVE-2020-7053 — In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is relate... read CVE-2020-7053
    Published: January 14, 2020; 04:15:16 PM -05:00

    V3.1: 7.8 HIGH
        V2: 4.6 MEDIUM

  • CVE-2007-4774 — The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process.
    Published: January 15, 2020; 12:15:13 PM -05:00

    V3.1: 5.9 MEDIUM
        V2: 4.3 MEDIUM

  • CVE-2020-2593 — Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows un... read CVE-2020-2593
    Published: January 15, 2020; 12:15:19 PM -05:00

    V3.1: 4.8 MEDIUM
        V2: 5.8 MEDIUM

  • CVE-2020-2601 — Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unau... read CVE-2020-2601
    Published: January 15, 2020; 12:15:20 PM -05:00

    V3.1: 6.8 MEDIUM
        V2: 4.3 MEDIUM

  • CVE-2020-2604 — Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows... read CVE-2020-2604
    Published: January 15, 2020; 12:15:20 PM -05:00

    V3.1: 8.1 HIGH
        V2: 6.8 MEDIUM

  • CVE-2020-2654 — Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access v... read CVE-2020-2654
    Published: January 15, 2020; 12:15:24 PM -05:00

    V3.1: 3.7 LOW
        V2: 4.3 MEDIUM

  • CVE-2011-3610 — A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf.
    Published: January 22, 2020; 11:15:10 AM -05:00

    V3.1: 6.1 MEDIUM
        V2: 4.3 MEDIUM

  • CVE-2011-4907 — Joomla! 1.5x through 1.5.12: Missing JEXEC Check
    Published: January 15, 2020; 09:15:11 AM -05:00

    V3.1: 5.3 MEDIUM
        V2: 5.0 MEDIUM

  • CVE-2020-2590 — Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unau... read CVE-2020-2590
    Published: January 15, 2020; 12:15:19 PM -05:00

    V3.1: 3.7 LOW
        V2: 4.3 MEDIUM

  • CVE-2020-2583 — Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows... read CVE-2020-2583
    Published: January 15, 2020; 12:15:19 PM -05:00

    V3.1: 3.7 LOW
        V2: 4.3 MEDIUM

  • CVE-2020-2585 — Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version that is affected is Java SE: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to com... read CVE-2020-2585
    Published: January 15, 2020; 12:15:19 PM -05:00

    V3.1: 5.9 MEDIUM
        V2: 4.3 MEDIUM

  • CVE-2020-2098 — A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins.
    Published: January 15, 2020; 11:15:15 AM -05:00

    V3.1: 8.8 HIGH
        V2: 9.3 HIGH

  • CVE-2012-2950 — Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information.
    Published: January 09, 2020; 05:15:10 PM -05:00

    V3.1: 8.1 HIGH
        V2: 9.3 HIGH

  • CVE-2020-2655 — Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to comprom... read CVE-2020-2655
    Published: January 15, 2020; 12:15:24 PM -05:00

    V3.1: 4.8 MEDIUM
        V2: 5.8 MEDIUM

  • CVE-2012-4603 — Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver... read CVE-2012-4603
    Published: January 10, 2020; 04:15:11 PM -05:00

    V3.1: 7.8 HIGH
        V2: 9.3 HIGH

  • CVE-2019-18893 — XSS in the Video Downloader component before 1.5 of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77 allows websites to execute their code in the context of this component. While Video Downloader is technically a browser extensio... read CVE-2019-18893
    Published: January 13, 2020; 12:15:11 PM -05:00

    V3.1: 6.1 MEDIUM
        V2: 4.3 MEDIUM

  • CVE-2020-2659 — Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated at... read CVE-2020-2659
    Published: January 15, 2020; 12:15:24 PM -05:00

    V3.1: 3.7 LOW
        V2: 4.3 MEDIUM