National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

NVD Dashboard

CVEs Received and Processed

CVEs Received and Processed

Please Wait

Time Period New CVEs Received by NVD New CVEs Analyzed by NVD Modified CVEs Received by NVD Modified CVEs Re-analyzed by NVD
Today {{data.count}}
This Week {{data.count}}
This Month {{data.count}}
Last Month {{data.count}}
This Year {{data.count}}

CVE Status Count

Please Wait

CVE Status Count

{{data.name}} {{data.count}}

CVSS Score Spread

Please Wait

CVSS V3 Score Distribution

Severity Number of Vulns
{{data.name}} {{data.count}}

CVSS V2 Score Distribution

Severity Number of Vulns
{{data.name}} {{data.count}}
Last 20 Scored Vulnerability IDs & Summaries CVSS Severity
  • CVE-2020-1149 — An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1086, CVE-2020-1090, CVE-2020... read CVE-2020-1149
    Published: May 21, 2020; 07:15:16 PM -04:00

    V3.1: 7.8 HIGH
        V2: 6.8 MEDIUM

  • CVE-2020-3184 — A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-ba... read CVE-2020-3184
    Published: May 22, 2020; 02:15:10 AM -04:00

    V3.1: 7.2 HIGH
        V2: 6.5 MEDIUM

  • CVE-2020-3272 — A vulnerability in the DHCP server of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation of incom... read CVE-2020-3272
    Published: May 22, 2020; 02:15:10 AM -04:00

    V3.1: 7.5 HIGH
        V2: 7.8 HIGH

  • CVE-2020-3280 — A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to insecure deseri... read CVE-2020-3280
    Published: May 22, 2020; 02:15:10 AM -04:00

    V3.1: 9.8 CRITICAL
        V2: 10.0 HIGH

  • CVE-2018-1000517 — BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectiv... read CVE-2018-1000517
    Published: June 26, 2018; 12:29:01 PM -04:00

    V3.1: 9.8 CRITICAL
        V2: 7.5 HIGH

  • CVE-2020-0909 — A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The secu... read CVE-2020-0909
    Published: May 21, 2020; 07:15:11 PM -04:00

    V3.1: 7.5 HIGH
        V2: 5.0 MEDIUM

  • CVE-2020-13633 — Fork before 5.8.3 allows XSS via navigation_title or title.
    Published: May 27, 2020; 12:15:13 PM -04:00

    V3.1: 6.1 MEDIUM
        V2: 4.3 MEDIUM

  • CVE-2020-1153 — A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.
    Published: May 21, 2020; 07:15:17 PM -04:00

    V3.1: 7.8 HIGH
        V2: 9.3 HIGH

  • CVE-2020-1154 — An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
    Published: May 21, 2020; 07:15:17 PM -04:00

    V3.1: 7.8 HIGH
        V2: 7.2 HIGH

  • CVE-2011-2192 — The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSS... read CVE-2011-2192
    Published: July 07, 2011; 05:55:02 PM -04:00

        V2: 4.3 MEDIUM

  • CVE-2020-3314 — A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the... read CVE-2020-3314
    Published: May 22, 2020; 02:15:10 AM -04:00

    V3.1: 6.1 MEDIUM
        V2: 5.8 MEDIUM

  • CVE-2020-13631 — SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
    Published: May 27, 2020; 11:15:12 AM -04:00

    V3.1: 7.5 HIGH
        V2: 5.0 MEDIUM

  • CVE-2020-13389 — An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in th... read CVE-2020-13389
    Published: May 22, 2020; 01:15:11 PM -04:00

    V3.1: 9.8 CRITICAL
        V2: 7.5 HIGH

  • CVE-2020-13632 — ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
    Published: May 27, 2020; 11:15:13 AM -04:00

    V3.1: 7.5 HIGH
        V2: 5.0 MEDIUM

  • CVE-2020-1140 — An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.
    Published: May 21, 2020; 07:15:16 PM -04:00

    V3.1: 7.8 HIGH
        V2: 7.2 HIGH

  • CVE-2020-1142 — An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'.
    Published: May 21, 2020; 07:15:16 PM -04:00

    V3.1: 7.8 HIGH
        V2: 7.2 HIGH

  • CVE-2020-13630 — ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
    Published: May 27, 2020; 11:15:12 AM -04:00

    V3.1: 9.8 CRITICAL
        V2: 7.5 HIGH

  • CVE-2020-1150 — A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1028, CVE-2020-1126, CVE-2020-1136.
    Published: May 21, 2020; 07:15:16 PM -04:00

    V3.1: 7.8 HIGH
        V2: 6.8 MEDIUM

  • CVE-2020-1054 — An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.
    Published: May 21, 2020; 07:15:12 PM -04:00

    V3.1: 7.8 HIGH
        V2: 7.2 HIGH

  • CVE-2020-6091 — An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in i... read CVE-2020-6091
    Published: May 22, 2020; 10:15:12 AM -04:00

    V3.1: 9.1 CRITICAL
        V2: 6.4 MEDIUM