) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
NVD Dashboard
CVEs Received and Processed
| Time Period | New CVEs Received by NVD | New CVEs Analyzed by NVD | Modified CVEs Received by NVD | Modified CVEs Re-analyzed by NVD |
|---|---|---|---|---|
| Today | {{data.count}} | |||
| This Week | {{data.count}} | |||
| This Month | {{data.count}} | |||
| Last Month | {{data.count}} | |||
| This Year | {{data.count}} |
CVE Status Count
| {{data.name}} | {{data.count}} |
NVD Contains
| CVE Vulnerabilities | 206011 |
| Checklists | 602 |
| US-CERT Alerts | 249 |
| US-CERT Vuln Notes | 4487 |
| OVAL Queries | 10286 |
| CPE Names | 1015427 |
CVSS V3 Score Distribution
| Severity | Number of Vulns |
|---|---|
| {{data.name}} | {{data.count}} |
CVSS V2 Score Distribution
| Severity | Number of Vulns |
|---|---|
| {{data.name}} | {{data.count}} |
For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.
-
CVE-2020-11061 - In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs... read CVE-2020-11061
Published: July 10, 2020; 4:15:11 PM -0400V3.1: 7.4 HIGH
V2.0: 6.0 MEDIUM
-
CVE-2022-42413 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malic... read CVE-2022-42413
Published: January 26, 2023; 1:59:57 PM -0500V3.1: 5.5 MEDIUM
-
CVE-2022-42412 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malic... read CVE-2022-42412
Published: January 26, 2023; 1:59:57 PM -0500V3.1: 5.5 MEDIUM
-
CVE-2022-42411 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malic... read CVE-2022-42411
Published: January 26, 2023; 1:59:57 PM -0500V3.1: 5.5 MEDIUM
-
CVE-2022-30674 - Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ... read CVE-2022-30674
Published: September 16, 2022; 2:15:12 PM -0400V3.1: 5.5 MEDIUM
-
CVE-2022-42390 - This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malic... read CVE-2022-42390
Published: January 26, 2023; 1:59:56 PM -0500V3.1: 5.5 MEDIUM
-
CVE-2022-40617 - strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's cont... read CVE-2022-40617
Published: October 31, 2022; 2:15:09 AM -0400V3.1: 7.5 HIGH
-
CVE-2017-9109 - An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when this is fixed, the second answer scan finds the same RRs at the first. Otherwise, adns can be confused by int... read CVE-2017-9109
Published: June 18, 2020; 10:15:10 AM -0400V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
-
CVE-2017-9103 - An issue was discovered in adns before 1.5.2. pap_mailbox822 does not properly check st from adns__findlabel_next. Without this, an uninitialised stack value can be used as the first label length. Depending on the circumstances, an attacker might ... read CVE-2017-9103
Published: June 18, 2020; 11:15:10 AM -0400V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
-
CVE-2017-9104 - An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered.
Published: June 18, 2020; 11:15:10 AM -0400V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
-
CVE-2017-9108 - An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r, since used is incremented according to r, later. Rather one should be doing what read() ... read CVE-2017-9108
Published: June 18, 2020; 10:15:10 AM -0400V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
-
CVE-2017-9105 - An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug may well be exploitable as a remote code execution.
Published: June 18, 2020; 10:15:10 AM -0400 -
CVE-2020-14148 - The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.
Published: June 15, 2020; 2:15:15 PM -0400V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
-
CVE-2018-6703 - Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTT... read CVE-2018-6703
Published: December 11, 2018; 6:29:00 PM -0500V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
-
CVE-2020-13999 - ScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 Metafile Library) 1.0.12 allows an integer overflow and denial of service via a crafted EMF file.
Published: June 15, 2020; 12:15:22 PM -0400V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
-
CVE-2018-6689 - Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attackers to bypass local security protection via specific conditions.
Published: October 03, 2018; 8:29:00 AM -0400V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
-
CVE-2018-6700 - DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware.
Published: September 24, 2018; 9:29:00 AM -0400V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
-
CVE-2018-6690 - Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from ex... read CVE-2018-6690
Published: September 18, 2018; 6:29:00 PM -0400 -
CVE-2020-4046 - In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. When affected posts are viewed by a higher privileged user, this c... read CVE-2020-4046
Published: June 12, 2020; 12:15:10 PM -0400V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
-
CVE-2020-10702 - A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every PAuth-enforced pointer to... read CVE-2020-10702
Published: June 04, 2020; 2:15:14 PM -0400V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW