National Vulnerability Database

National Vulnerability Database

NVD

NVD Dashboard

CVEs Received and Processed

CVEs Received and Processed

Please Wait

Time Period New CVEs Received by NVD New CVEs Analyzed by NVD Modified CVEs Received by NVD Modified CVEs Re-analyzed by NVD
Today {{data.count}}
This Week {{data.count}}
This Month {{data.count}}
Last Month {{data.count}}
This Year {{data.count}}

CVE Status Count

Please Wait

CVE Status Count

{{data.name}} {{data.count}}

CVSS Score Spread

Please Wait

CVSS V3 Score Distribution

Severity Number of Vulns
{{data.name}} {{data.count}}

CVSS V2 Score Distribution

Severity Number of Vulns
{{data.name}} {{data.count}}
Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

  • CVE-2021-1792 - An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker m... read CVE-2021-1792
    Published: April 02, 2021; 2:15:21 PM -0400

    V3.1: 8.8 HIGH
     V2.0: 6.8 MEDIUM

  • CVE-2021-1791 - An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watc... read CVE-2021-1791
    Published: April 02, 2021; 2:15:21 PM -0400

    V3.1: 5.5 MEDIUM
     V2.0: 7.1 HIGH

  • CVE-2021-1789 - A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. Proc... read CVE-2021-1789
    Published: April 02, 2021; 2:15:21 PM -0400

    V3.1: 8.8 HIGH
     V2.0: 6.8 MEDIUM

  • CVE-2021-1772 - A stack overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciousl... read CVE-2021-1772
    Published: April 02, 2021; 2:15:20 PM -0400

    V3.1: 7.8 HIGH
     V2.0: 6.8 MEDIUM

  • CVE-2021-1755 - A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A person with physical access to an iOS device may be able to access contacts ... read CVE-2021-1755
    Published: April 02, 2021; 2:15:19 PM -0400

    V3.1: 2.4 LOW
     V2.0: 2.1 LOW

  • CVE-2021-1788 - A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4, Safari 14.0.3. P... read CVE-2021-1788
    Published: April 02, 2021; 2:15:21 PM -0400

    V3.1: 8.8 HIGH
     V2.0: 6.8 MEDIUM

  • CVE-2021-1787 - Multiple issues were addressed with improved logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local attacker may be able to el... read CVE-2021-1787
    Published: April 02, 2021; 2:15:21 PM -0400

    V3.1: 7.8 HIGH
     V2.0: 4.6 MEDIUM

  • CVE-2021-1786 - A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able t... read CVE-2021-1786
    Published: April 02, 2021; 2:15:21 PM -0400

    V3.1: 5.5 MEDIUM
     V2.0: 4.9 MEDIUM

  • CVE-2021-28874 - SerenityOS fixed as of c9f25bca048443e317f1994ba9b106f2386688c3 contains a buffer overflow vulnerability in LibTextCode through opening a crafted file.
    Published: April 06, 2021; 9:15:14 AM -0400

    V3.1: 7.8 HIGH
     V2.0: 6.8 MEDIUM

  • CVE-2021-27343 - SerenityOS Unspecified is affected by: Buffer Overflow. The impact is: obtain sensitive information (context-dependent). The component is: /Userland/Libraries/LibCrypto/ASN1/DER.h Crypto::der_decode_sequence() function. The attack vector is: Parsi... read CVE-2021-27343
    Published: April 06, 2021; 9:15:14 AM -0400

    V3.1: 7.5 HIGH
     V2.0: 5.0 MEDIUM

  • CVE-2021-28171 - The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie.
    Published: April 06, 2021; 8:15:17 AM -0400

    V3.1: 9.8 CRITICAL
     V2.0: 7.5 HIGH

  • CVE-2021-24153 - A Stored Cross-Site Scripting vulnerability was discovered in the Yoast SEO WordPress plugin before 3.4.1, which had built-in blacklist filters which were blacklisting Parenthesis as well as several functions such as alert but bypasses were found.
    Published: April 05, 2021; 3:15:14 PM -0400

    V3.1: 5.4 MEDIUM
     V2.0: 3.5 LOW

  • CVE-2021-1767 - This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image may lead to heap corrupt... read CVE-2021-1767
    Published: April 02, 2021; 2:15:20 PM -0400

    V3.1: 7.8 HIGH
     V2.0: 9.3 HIGH

  • CVE-2021-24170 - The REST API endpoint get_users in the User Profile Picture WordPress plugin before 2.5.0 returned more information than was required for its functionality to users with the upload_files capability. This included password hashes, hashed user activ... read CVE-2021-24170
    Published: April 05, 2021; 3:15:15 PM -0400

    V3.1: 7.5 HIGH
     V2.0: 5.0 MEDIUM

  • CVE-2021-1760 - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious ap... read CVE-2021-1760
    Published: April 02, 2021; 2:15:20 PM -0400

    V3.1: 5.5 MEDIUM
     V2.0: 4.3 MEDIUM

  • CVE-2021-24173 - The VM Backups WordPress plugin through 1.0 does not have CSRF checks, allowing attackers to make a logged in user unwanted actions, such as update the plugin's options, leading to a Stored Cross-Site Scripting issue.
    Published: April 05, 2021; 3:15:15 PM -0400

    V3.1: 6.1 MEDIUM
     V2.0: 4.3 MEDIUM

  • CVE-2021-28173 - The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login.
    Published: April 06, 2021; 8:15:17 AM -0400

    V3.1: 9.8 CRITICAL
     V2.0: 7.5 HIGH

  • CVE-2021-24186 - The tutor_answering_quiz_question/get_answer_by_id function pair from the Tutor LMS – eLearning and online course solution WordPress plugin before 1.8.3 was vulnerable to UNION based SQL injection that could be exploited by students.
    Published: April 05, 2021; 3:15:16 PM -0400

    V3.1: 6.5 MEDIUM
     V2.0: 4.0 MEDIUM

  • CVE-2021-1763 - A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may l... read CVE-2021-1763
    Published: April 02, 2021; 2:15:20 PM -0400

    V3.1: 7.8 HIGH
     V2.0: 9.3 HIGH

  • CVE-2021-1759 - An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafte... read CVE-2021-1759
    Published: April 02, 2021; 2:15:20 PM -0400

    V3.1: 7.8 HIGH
     V2.0: 9.3 HIGH