National Vulnerability Database

National Vulnerability Database

NVD

Collaborative Vulnerability Metadata Acceptance Process
NVD Release of CVMAP
CVSS Version 3.1 Official Support!
CVSS Version 3.1 Official Support!
New NVD CVE/CPE API and Legacy SOAP Service Retirement!
New NVD CVE/CPE API and Legacy SOAP Service Retirement!


The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

  • CVE-2020-17043 - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17044, CVE-2020-17055.
    Published: November 11, 2020; 2:15:16 AM -0500

    V3.1: 7.8 HIGH
     V2.0: 6.8 MEDIUM

  • CVE-2020-17034 - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
    Published: November 11, 2020; 2:15:15 AM -0500

    V3.1: 7.8 HIGH
     V2.0: 4.6 MEDIUM

  • CVE-2020-17033 - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
    Published: November 11, 2020; 2:15:15 AM -0500

    V3.1: 7.8 HIGH
     V2.0: 4.6 MEDIUM

  • CVE-2020-17032 - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
    Published: November 11, 2020; 2:15:15 AM -0500

    V3.1: 7.8 HIGH
     V2.0: 4.6 MEDIUM

  • CVE-2020-17031 - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
    Published: November 11, 2020; 2:15:15 AM -0500

    V3.1: 7.8 HIGH
     V2.0: 4.6 MEDIUM

  • CVE-2020-17028 - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
    Published: November 11, 2020; 2:15:15 AM -0500

    V3.1: 7.8 HIGH
     V2.0: 4.6 MEDIUM

  • CVE-2020-17027 - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
    Published: November 11, 2020; 2:15:15 AM -0500

    V3.1: 7.8 HIGH
     V2.0: 4.6 MEDIUM

  • CVE-2020-17026 - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
    Published: November 11, 2020; 2:15:15 AM -0500

    V3.1: 7.8 HIGH
     V2.0: 4.6 MEDIUM

  • CVE-2020-17025 - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
    Published: November 11, 2020; 2:15:14 AM -0500

    V3.1: 7.8 HIGH
     V2.0: 4.6 MEDIUM

  • CVE-2020-8577 - SANtricity OS Controller Software versions 11.50.1 and higher are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session.
    Published: November 06, 2020; 12:15:12 PM -0500

    V3.1: 5.9 MEDIUM
     V2.0: 4.3 MEDIUM

  • CVE-2020-24353 - Pega Platform before 8.4.0 has a XSS issue via stream rule parameters used in the request header.
    Published: November 09, 2020; 9:15:14 AM -0500

    V3.1: 6.1 MEDIUM
     V2.0: 4.3 MEDIUM

  • CVE-2020-27196 - An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint (that may or may not expect JSON... read CVE-2020-27196
    Published: November 06, 2020; 9:15:16 AM -0500

    V3.1: 7.5 HIGH
     V2.0: 5.0 MEDIUM

  • CVE-2020-5945 - In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, undisclosed TMUI page contains a stored cross site scripting vulnerability (XSS). The issue allows a minor privilege escalation for resource admin to escalate to full admin.
    Published: November 05, 2020; 3:15:17 PM -0500

    V3.1: 8.4 HIGH
     V2.0: 8.5 HIGH

  • CVE-2020-14222 - HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, o... read CVE-2020-14222
    Published: November 05, 2020; 12:15:12 PM -0500

    V3.1: 6.1 MEDIUM
     V2.0: 4.3 MEDIUM

  • CVE-2020-25170 - An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0 and earlier via multiple input fields that are mishandled in an Excel export.
    Published: November 06, 2020; 12:15:11 PM -0500

    V3.1: 7.8 HIGH
     V2.0: 6.8 MEDIUM

  • CVE-2020-25174 - A DLL hijacking vulnerability in the B. Braun OnlineSuite Version AP 3.0 and earlier allows local attackers to execute code on the system as a high privileged user.
    Published: November 06, 2020; 12:15:12 PM -0500

    V3.1: 7.8 HIGH
     V2.0: 6.9 MEDIUM

  • CVE-2020-25172 - A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated attackers to upload or download arbitrary files.
    Published: November 06, 2020; 12:15:12 PM -0500

    V3.1: 9.8 CRITICAL
     V2.0: 7.5 HIGH

  • CVE-2020-13661 - Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The vic... read CVE-2020-13661
    Published: November 05, 2020; 2:15:12 PM -0500

    V3.1: 8.8 HIGH
     V2.0: 6.8 MEDIUM

  • CVE-2020-13536 - An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary. By default MXVi... read CVE-2020-13536
    Published: November 05, 2020; 4:15:12 PM -0500

    V3.1: 7.8 HIGH
     V2.0: 7.2 HIGH

  • CVE-2020-13537 - An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary.By default MXVie... read CVE-2020-13537
    Published: November 05, 2020; 4:15:12 PM -0500

    V3.1: 7.8 HIGH
     V2.0: 7.2 HIGH