National vulnerability database search 0 should include improved documentation, two new API endpoints providing the public with CPE Match Strings and Data Source records, twelve new parameters for the CVE API that allow users to filter requests based on metadata like CISA's Known Exploited Vulnerabilities (KEV), as well as Dec 18, 2024 · National Vulnerability Database National Vulnerability Database NVD. Nov 1, 2024 · The vulnerability was discovered via routine penetration testing. An OS command injection vulnerability in Ivanti Cloud Services Appliance National Vulnerability Database NVD. The vulnerability arises due to inappropriate secure coding measures, specifically the lack of proper implementation of the max_depth parameter in the get_article_urls function. Jan 8, 2025 · An authenticated redis user executing FT. This CVE record has been updated after NVD National Vulnerability Database National Vulnerability Database NVD. 0 to 2. NVD Contact Form Use this form for submitting general questions, requesting review of NVD analysis data or for questions about CVMAP. twitter (link is external) Nov 26, 2024 · National Vulnerability Database National Vulnerability Database NVD. Vulnerabilities; CVE-2024-12356 Detail Description . This data includes security checklist Mar 19, 2025 · Simple NIST NVD API wrapper library. 3_20201113_RELEASE(HIK). Insufficient data validation in Dawn in Nov 18, 2024 · National Vulnerability Database NVD. National Vulnerability Database National Vulnerability Database NVD. Vulnerabilities; CVE-2024-49402 Detail Description . decrypt`, causing these functions to return a valid signature verification result while returning data that was not actually signed. National Vulnerability Database NVD. 5. Type Confusion in V8 in Google Chrome prior Sep 20, 2022 · Common Vulnerability Scoring System v4. If one is unable to upgrade immediately, avoid using AuthZ plugins and/or restrict access to the Docker API to trusted parties, following the principle of least privilege. NIST maintains the National Vulnerability Database (NVD), a repository of information on software and hardware flaws that can compromise computer security. NOTE: Only vulnerabilities that match ALL keywords will be returned, Linux kernel vulnerabilities are categorized separately from vulnerabilities in specific Linux distributions. Dec 18, 2013 · Abstract The National Vulnerability Database (NVD), and its companion, the National Checklist Program (NCP), have provided a valuable and flexible set of services to users around the world since NVD was established in 2005. Common Vulnerability Scoring System Calculator This page shows the components of a CVSS assessment and allows you to refine the resulting CVSS score with additional or different metric values. A fundamental part of the CVE analysis process is to uniquely identify the vulnerable products affected by any given vulnerability. Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow May 5, 2025 · Current Description . Sep 13, 2023 · National Vulnerability Database. 0 assessments for newly published CVE records. Vulnerabilities; CVE-2025-21342 Detail Description . 3-19. 141, and 11. Checklist Repository. Please make use of the interactive search interfaces to find information in the database! The Common Vulnerabilities and Exposures (CVE) Program’s primary purpose is to uniquely identify vulnerabilities and to associate specific versions of code bases (e. Windows Lightweight Directory Access May 14, 2019 · National Vulnerability Database NVD. y and 10. Developers; Data Sources. The National Vulnerability Database is a U. Sep 10, 2024 · National Vulnerability Database NVD. Patches have also been merged into the master, 19. This CVE record has been updated after NVD Jan 29, 2025 · National Vulnerability Database National Vulnerability Database NVD. One such system is the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). Vulnerabilities; CVE-2025-23087 Detail These CVEs are stored in the NVD, but do not show up in search results by default. What makes Galaxy Guard unique? Galaxy Guard’s extensive coverage, real-time updates, and advanced search capabilities make it an unparalleled resource for vulnerability management and Jan 24, 2025 · National Vulnerability Database NVD. The NVD augments the CVE List with additional enrichment, conversion of various data points into SCAP datatypes, a fine-grained search engine and granular APIs. " Fixed in version 11. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework. Jan 8, 2025 · You can access the National Vulnerability Database from their website at nvd. Dec 2, 2024 · National Vulnerability Database National Vulnerability Database NVD. Vulnerabilities; CVE-2025-24252 Detail Description . Vulnerabilities; CVE-2025-21587 Detail Description . Mar 24, 2025 · National Vulnerability Database National Vulnerability Database NVD. Feb 13, 2024 · NIST maintains the National Vulnerability Database (NVD), a repository of information on software and hardware flaws that can compromise computer security. The CPE Name search will perform searching for an exact match, as well as searching for all records that contain the components specified in the user-specified Dec 15, 2024 · Exploring the History and Purpose of the National Vulnerability Database. 0) Common Weakness Enumerations (CWE) These data types are referred to as submission categories within CVMAP. Supported versions that are affected are 19. 中国国家信息 安全漏洞 库为我国信息安全保障提供服务，通过自主挖掘、社会提交、协作共享、网络搜集以及技术检测等方式，联合政府部门、行业用户、安全厂商、高校和 科研机构 等 社会力量 ，对涉及国内外主流应用软件、操作系统和 网络设备 等软 硬件系统 的信息安全漏洞开展采集收录 Jul 4, 2024 · National Vulnerability Database NVD. SEARCH with a specially crafted KNN command argument, can trigger an integer overflow, leading to heap overflow and potential remote code execution. Products CPE Search; Search Common Platform Enumerations (CPE) This search engine can perform a keyword search, or a CPE Name For many users, the most noticeable changes from 1. Vulnerabilities; CVE-2024-9474 Detail Description . Integrates with CVSS and CPE. 1, a maliciously modified message can be passed to either `openpgp. 3+, and 12. 115. Apr 3, 2025 · National Vulnerability Database NVD. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Java VM. Mar 29, 2024 · Description . php. This CVE record has been updated after NVD enrichment efforts were completed This vulnerability is patched in IdentityServer 7. Aug 26, 2024 · A vulnerability related to the use an insecure Platform Key (PK) has been discovered. Vulnerabilities; CVE-2019-11510 Detail Description . Vulnerabilities; CVE-2024-4761 Detail Description . caused by an uncontrolled search path in the CP210x VCP Windows installer can lead to privilege escalation and arbitrary code National Vulnerability Database National Vulnerability Database NVD. This CVE record has been marked for NVD Feb 25, 2025 · National Vulnerability Database NVD. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. Startinf in version 5. In Pulse Secure Pulse Connect Secure (PCS) 8 This NIST SP 800-53 database represents the security controls and associated assessment procedures defined in NIST SP 800-53 Revision 4 Recommended Security Controls for Federal Information Systems and Organizations. government repository of standards-based vulnerability For many users, the most noticeable changes from 1. Maintained by the National Institute of Standards and Technology (NIST), the NVD serves as the U. 28. This vulnerability is fixed in 12. Vulnerabilities; CVE-2025-26876 Detail Path Traversal vulnerability in CodeManas Search with Typesense allows Path Traversal National Vulnerability Database National Vulnerability Database NVD. Vulnerabilities; CVE-2024-50570 Detail Awaiting Analysis. Please read the CVSS standards guide to fully understand how to assess vulnerabilities using CVSS and to interpret the resulting scores. Vulnerabilities; CVE-2024-11187 Detail Awaiting Analysis. Nov 21, 2024 · An attacker can bypass the security controls by performing a DNS rebinding attack and view sensitive data from internal servers or perform a local port scan. gov and search for relevant vulnerabilities by their CVE or CPE, or look up checklists that you can follow to enhance your security configurations for the specific software you have deployed. The manipulation of the argument jsondata[ip] with the input netstat -ano leads to os command injection. Malicious code was discovered in the upstream tarballs of xz, starting with version 5. Vulnerabilities; CVE-2024-39943 Detail Modified. Apr 23, 2020 · そして、その際に多くの人が利用するのがアメリカ国立標準技術研究所 NIST が管理する NVD（National Vulnerability Database)のサイトではないでしょうか。 本記事では NVD の情報だけでの脆弱性調査の課題や、より楽に正しい脆弱性情報を収集するための方法につい Nov 5, 2024 · National Vulnerability Database NVD. ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers. 1615. Vulnerabilities; CVE-2024-56516 Detail Awaiting Analysis. Supported versions that are affected are 8. The vulnerability feeds provide CVE® data organized by the first four digits of a CVE® identifier (except for the 2002 feeds which include vulnerabilities prior to and including "CVE-2002-"). 207 allowed a May 15, 2024 · National Vulnerability Database National Vulnerability Database NVD. 0, v3. Search parameters include CVE ID, CVSS score, CWE ID, vendor, product, vulnerability type, publish date, update date, and more. , software and shared libraries) to those vulnerabilities. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). Vulnerabilities Search And Statistics; Statistics Results (Refine Search) The NVD anticipates new approaches to structuring vulnerability records and describing the severity of vulnerabilities will be released in the next two years. Vulnerabilities; CVE-2024-7256 Detail Description . 0, 23. Vulnerabilities; CVE-2018-7445 Detail Description . Dec 18, 2013 · The National Vulnerability Database (NVD), and its companion, the National Checklist Program (NCP), have provided a valuable and flexible set of services to users around the world since NVD was established in 2005. Windows Hyper-V NT Kernel Integration VSP NVD：National Vulnerability Database，美国国家计算机通用漏洞数据库，是权威的漏洞数据收集平台。 官网地址： https:// nvd. 25, and 15. 20. Jan 24, 2025 · National Vulnerability Database NVD. The vulnerability is addressed in SL1 versions 12. x, 11. 0, 26. Users can craft targeted queries using a host of filters. 36. 1 (CVSS v3. Vulnerabilities; CVE-2022-32168 Detail Modified. 3 and below are unaffected, as they do not support DPoP in Local APIs. Products CPE Search; Search Common Platform Enumerations (CPE) This search engine can perform a keyword search, or a CPE Name The National Vulnerability Database (NVD) is a foundational cybersecurity resource that provides detailed information on vulnerabilities across a wide range of software and hardware. An attacker with the compromised PK private key can create malicious UEFI software that is signed with a trusted key that has been compromised. For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Developers; Products. 0 Retirement announcement, we no longer provide CVSS v2. Nov 21, 2024 · National Vulnerability Database National Vulnerability Database NVD. Feb 7, 2025 · National Vulnerability Database National Vulnerability Database NVD. 0, 24. Vulnerabilities Search And Statistics; Sort results by: Sort Search Results (Refine Search) Search Parameters: Keyword (text Jan 12, 2021 · National Vulnerability Database National Vulnerability Database NVD. 0) contains an uncontrolled search path vulnerability. 1, CWE, and CPE A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3. The choice of LOW, MEDIUM and HIGH is based upon the CVSS V2 Base score. When loaded on an Windows application, Netty attempts to load a file that does not exist. /tmp/` if development mode is enabled). This data supports security automation efforts based on the Security Content Automation Protocols (SCAP). Jan 14, 2025 · National Vulnerability Database National Vulnerability Database NVD. This vulnerability is fixed in 4. 11. 24. The National Vulnerability Database (NVD) is the U. Vulnerabilities; CVE-2025-1974 Detail Awaiting Analysis. General Expand or Collapse Search. A malicious actor with local administrative privileges in the Windows guest OS, where VMware Tools is installed, may be able to execute code with system privileges in the Windows guest OS due to an uncontrolled search path element. The CVE List is a list of publicly disclosed cybersecurity vulnerabilities and exposures that is free to search, use, and incorporate into products and services. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Organizations interested in submitting CPE Names should contact the NVD CPE team at [email protected] for help with the processing of their submission. This CVE record has been marked for NVD National Vulnerability Database National Vulnerability Database NVD. 0. This CVE record has been updated after NVD This search engine can perform a keyword search, or a CPE Name search. Vulnerability Status Vulnerability records within the NVD dataset are sourced from the CVE List, which is maintained by the CVE Program, upstream of the NVD. This CVE record has been updated after NVD You can search for vulnerabilities by using specific keywords, vulnerability IDs, or by filtering based on affected software, severity, and other criteria. A critical vulnerability has been discovered Mar 19, 2024 · NVD Contact Information. This vulnerability is fixed in 2. Vulnerabilities; CVE-2024-38526 Detail Awaiting Analysis. Vulnerability in the Oracle Java SE, Oracle Feb 6, 2025 · National Vulnerability Database National Vulnerability Database NVD. It has been declared as critical. 0 should include improved documentation, two new API endpoints providing the public with CPE Match Strings and Data Source records, twelve new parameters for the CVE API that allow users to filter requests based on metadata like CISA's Known Exploited Vulnerabilities (KEV), as well as 5 days ago · As of December 2009, The National Vulnerability Database is now accepting contributions to the Official CPE Dictionary. gov/ 查询地址：NVD - Search Feb 6, 2025 · Affected versions of WhoDB allow users to connect to Sqlite3 databases. 1) Common Vulnerability Scoring System v2. Feb 10, 2025 · National Vulnerability Database NVD. 0-B20230809. Vulnerabilities; CVE-2024-7969 Detail Modified. The database file is an user-controlled value. NVD Visualizations. How to use the KEV May 5, 2025 · Current Description . Vulnerabilities; CVE-2019-3568 Detail Description . Vulnerabilities in the NVD are called Common Vulnerabilities and Exposures (CVE). Mar 21, 2025 · If patching to a safe version is infeasible, it is recommend that you prevent external user requests which contain the x-middleware-subrequest header from reaching your Next. x, 10. 0 standards. y prior to 12. Vulnerabilities; CVE-2020-8231 Detail Modified. 15). This issue was fixed in version 9. 0, 25. Nov 21, 2024 · National Vulnerability Database NVD. If an attacker creates such a large file, the Netty application crashes. SEARCH or FT. For more information on how this data was constructed please see the NVD CVSS page . Vulnerabilities; CVE-2024-49112 Detail Description . Published: October 28, 2024; 4:15:06 PM -0400 Mar 3, 2021 · National Vulnerability Database NVD. 1 release branches. Nov 16, 2024 · With the ever-increasing number of threats and vulnerabilities, it has become essential to have a system that helps identify and manage these risks effectively. Department of Commerce. This vulnerability affects unknown code of the file /php/ping. There is a growing backlog of vulnerabilities submitted to the NVD and requiring analysis. ProjectSend versions prior to r1720 are Jan 21, 2025 · Vulnerability in the Java VM component of Oracle Database Server. The National Vulnerability Database (NVD) is a key part of the U. Vulnerabilities; CVE-2025-31650 Detail Modified. 89, 11. Search Vulnerability Database. gov/ 查询地址：NVD - Search Nov 21, 2024 · The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. A stack-based buffer overflow in Ivanti Connect Secure before version 22. caused by an uncontrolled search path in the CP210x VCP Windows installer can lead to privilege escalation and arbitrary code Sep 13, 2023 · National Vulnerability Database. 3. This visualization is a simple graph which shows the distribution of vulnerabilities by severity over time. It’s managed by the National Institute of Standards and Technology (NIST). Aug 21, 2024 · National Vulnerability Database National Vulnerability Database NVD. 5, 13. 1. The public API function BIO_new_NDEF is a helper function used for streaming ASN. 22 and prior. Missing authentication for a critical Mar 3, 2021 · National Vulnerability Database NVD. 7R2 The National Vulnerability Database (NVD) provides CVSS enrichment for all published CVE records. 27. Vulnerabilities; CVE-2024-5910 Detail Description . But what is it, and why is it so important for fighting digital threats? The Genesis of the National Sep 20, 2022 · The National Vulnerability Database (NVD) is tasked with analyzing each CVE once it has been published to the CVE List. Feb 20, 2025 · The NVD is the U. This guide looks into the various aspects of NIST NVD to understand Dec 30, 2024 · National Vulnerability Database National Vulnerability Database NVD. However, per the NVD CVSS v2. 9, 14. The NVD is the U. Vulnerabilities; CVE-2024-8190 Detail Description . This is a key piece of the nation’s cybersecurity infrastructure. A use-after-free issue was addressed with May 28, 2020 · The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. This section of the NVD is designed to give users of the NVD data different ways to look at the data and provide an overview to the data and hopefully spark some interest into why a particular visualization looks the way it does. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. 4-23. Vulnerabilities; CVE-2023-20198 Detail Description . This page provides information regarding both the CVE Program and NVD sets of statuses and how they relate to each other. Nov 20, 2023 · National Vulnerability Database (NVD) – Extensive CVE vulnerability database maintained by NIST, based on CVE List feed. 5 days ago · As of December 2009, The National Vulnerability Database is now accepting contributions to the Official CPE Dictionary. The NVD was established to provide a U. 3-21. How to Keep Up-to-Date with the NVD Data Using the Traditional Feeds. 0 (CVSS v2. This CVE record has been marked for NVD May 5, 2025 · 关于新增快页信息技术有限公司等八家单位为cnvd支撑单位的公告 2024-11-12 Nov 21, 2024 · National Vulnerability Database National Vulnerability Database NVD. NVD analysts use the reference information provided with the CVE and any publicly available information at the time of analysis to associate Reference Tags, Common Vulnerability Scoring System (CVSS) v3. 4 (Premium) due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This vulnerability was added to the CISA Known Exploited Vulnerabilities (KEV) Catalog on 2025-04-28. A buffer overflow was found in the MikroTik Nov 21, 2024 · Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Vulnerabilities; CVE-2021-23125 Detail Modified. Vulnerabilities; CVE-2024-4947 Detail Description . 16 and 23. Getting Started. S. 1 containes patches to fix the vulnerability. Note: A precondition of this vulnerability is that the user must be using the Okta Device Access passwordless feature. Search Parameters: Keyword (text search): spring; Search Type: Search All; There are 276 matching records. 0) Common Vulnerability Scoring System v3. Vuln ID Summary CVSS Severity ; CVE-2025-47934: OpenPGP. May 8, 2019 · National Vulnerability Database National Vulnerability Database NVD. Remediations have been made available for all SL1 versions back to version lines 10. 25, 21. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. x, and 11. 8. 10. A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code Nov 12, 2024 · An unsafe reading of environment file could potentially cause a denial of service in Netty. MITRE CVE List – Comprehensive list of CVE Records provided by MITRE. 6367. US-CERT Vulnerability Notes Database – Contains disclosure records published by CISA. Version 6. government repository of standards-based vulnerability management data. 24, 2. js is a JavaScript implementation of the OpenPGP protocol. This data includes security checklist For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Okta Device Access users not using passwordless are not affected, and customers only using Okta Verify on platforms other than Windows, or only using FastPass Dec 17, 2024 · National Vulnerability Database National Vulnerability Database NVD. Oct 18, 2024 · ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The attack can be initiated remotely. Vulnerabilities; CVE-2023-2005 Detail Modified. Nov 21, 2024 · docker-ce v27. This effort allows consumers of our data to check for known issues for any product they may currently have in their environment (as long as they know the associated product identifier). 1 and prior to versions 5. NVDlib is a Python library that allows you to interface with the NIST National Vulnerability Database (NVD), pull vulnerabilities (CVEs), and Common Platform Enumeration (CPEs) into easily accessible objects. This CVE record has been updated after NVD enrichment efforts were completed. Vulnerabilities; CVE-2025-22457 Detail Description . x and v4. Cisco is providing an update for the ongoing . 0, and 26. Developers; Request an API Key. The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U. 3 and 6. The NVD website provides a robust search engine to navigate its entire catalog of vulnerability data efficiently. Cisco is providing an update for the ongoing Apr 10, 2024 · The National Vulnerability Database is so overwhelmed with a steadily increasing number of software and hardware flaws that the National Institute of Standards and Technology, which maintains the common vulnerabilities and exposures repository, called for a slight pause to regroup and reprioritize its efforts. An attacker can exploit this vulnerability to access highly sensitive internal server(s) and steal sensitive information. government repository of data about software vulnerabilities and configuration settings, leveraging open standards to provide reliable and A vulnerability was found in Hikvision Intercom Broadcasting System 3. A privilege escalation vulnerability in Palo Alto Networks PAN-OS software Feb 20, 2025 · 国家信息安全漏洞库， 为负责建设运维的国家级信息安全漏洞数据管理平台， 旨在为我国信息安全保障提供服务。 A Denial of Service (DoS) vulnerability has been identified in the KnowledgeBaseWebReader class of the run-llama/llama_index project, affecting version ~ latest(v0. 3+. 46, 11. For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository . Vulnerabilities; CVE-2024-11680 Detail Description . Sep 20, 2022 · National Vulnerability Database National Vulnerability Database NVD. 2. The National Vulnerability Database (NVD) is a product of the NIST Computer Security Division, Information Technology Laboratory. The NVD expects the CVE Program to release CVEv5 in 2023 and for FIRST to release CVSSv4 sometime afterwards. 4 (Free) and <= 2. Vulnerability in the Oracle Java SE, Oracle Mar 17, 2016 · China National Information Security Vulnerability Database, the English name "China National Vulnerability Database of Information Security", referred to as "CNNVD", is maintained by China Information Security Evaluation Center for the effective performance of the functions of vulnerability analysis and risk assessment, responsible for building Dec 3, 2024 · National Vulnerability Database National Vulnerability Database NVD. nist. Apr 15, 2025 · National Vulnerability Database National Vulnerability Database NVD. " The National Vulnerability Database (NVD) is the largest publicly available source of vulnerability intelligence. This CVE record has been marked for NVD The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4. Vulnerabilities; CVE-2024-10905 Detail Awaiting Analysis. Vulnerabilities; CVE-2025-21333 Detail Description . g. 3+, 12. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. x. The NVD includes databases of security configuration checklists for the NCP, listings of publicly known software flaws, product names, and impact metrics. Microsoft Edge (Chromium-based) Remote Code NVD：National Vulnerability Database，美国国家计算机通用漏洞数据库，是权威的漏洞数据收集平台。 官网地址： https:// nvd. To request an NVD API Key, please provide your organization name and a valid email address, and Jul 2, 2024 · National Vulnerability Database NVD. 21, and 2. 6. By default, the databases must be present in `/db/` (or alternatively `. 23. 0 (CVSS v4. Founded in 1901, National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U. 03, 20. 12. Aug 3, 2024 · National Vulnerability Database National Vulnerability Database NVD. The keyword search will perform searching across all components of the CPE name for the user specified search text. Jun 16, 2009 · Summary. AGGREGATE with a specially crafted LIMIT command argument, or FT. js application. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. The manipulation of the argument submit-url leads to buffer overflow. cybersecurity system. Oct 29, 2024 · ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This data enables automation of vulnerability management, security measurement, and compliance. It is maintained by a group within the National Institute of Standards and Technology (NIST) and builds upon the work of MITRE and others. 1 data via a BIO. Nov 21, 2024 · The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. If no databases are present in the default directory, the UI indicates that the user is unable to open any databases. The NVD supports Common Vulnerability Scoring System (CVSS) v2. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This CVE record has been marked for NVD Nov 21, 2024 · VMware Tools for Windows (11. General; A Brief History of the NVD. 32. 217 for Windows and Linux platforms. This CVE record has been marked for NVD Apr 28, 2025 · National Vulnerability Database NVD. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics. The NVD includes databases of security checklist references, security related software flaws, product names, and impact metrics. Apr 29, 2025 · National Vulnerability Database National Vulnerability Database NVD. Vulnerabilities; CVE-2021-22681 Detail Modified. Try a product name, vendor name, CVE name, or an OVAL query. Out of bounds write in V8 in Google Chrome prior to 124. This vulnerability affects unknown code of the file /boafrm/formDMZ of the component HTTP POST Request Handler. In Pulse Secure Pulse Connect Secure (PCS) 8 Nov 21, 2024 · docker-ce v27. verify` or `openpgp. All NIST publications are available in the public domain according to Title 17 of the United States Code, however services which utilize or access the NVD are asked to display the following notice prominently within the application: "This product uses data from the NVD API but is not endorsed or certified by the NVD. Apr 25, 2025 · According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells. The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. gcv tdvbmx xibbc ywji hjrdccq jqssquo omwdjrf tpzwwjm otbh ycp