NVD

NVD API Key

NVD Release of CVMAP

New NVD CVE/CPE API and Legacy SOAP Service Retirement!

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

CVE-2019-8005 - Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. ... read CVE-2019-8005
Published: August 20, 2019; 4:15:15 PM -0400

V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-8004 - Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. ... read CVE-2019-8004
Published: August 20, 2019; 4:15:15 PM -0400

V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-8003 - Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Succ... read CVE-2019-8003
Published: August 20, 2019; 4:15:15 PM -0400

V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2019-8002 - Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. ... read CVE-2019-8002
Published: August 20, 2019; 4:15:15 PM -0400

V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-7965 - Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability.... read CVE-2019-7965
Published: August 20, 2019; 4:15:15 PM -0400

V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2021-0672 - In Browser app, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID... read CVE-2021-0672
Published: November 18, 2021; 10:15:09 AM -0500

V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2018-1785 - IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. IBM X-Force ID: 148870.
Published: September 26, 2018; 11:29:01 AM -0400

V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2018-1545 - IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 142649.
Published: September 26, 2018; 11:29:00 AM -0400

V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2018-1853 - IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hi... read CVE-2018-1853
Published: April 08, 2019; 11:29:00 AM -0400

V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2019-8043 - Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. ... read CVE-2019-8043
Published: August 20, 2019; 4:15:18 PM -0400

V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2021-0670 - In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05654663; Issue ID: ... read CVE-2021-0670
Published: November 18, 2021; 10:15:09 AM -0500

V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2019-8042 - Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Succes... read CVE-2019-8042
Published: August 20, 2019; 4:15:18 PM -0400

V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2021-0669 - In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05681550; Issue ID: ... read CVE-2021-0669
Published: November 18, 2021; 10:15:09 AM -0500

V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-0668 - In apusys, there is a possible memory corruption due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05670521; Is... read CVE-2021-0668
Published: November 18, 2021; 10:15:09 AM -0500

V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-0671 - In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05664273; Issu... read CVE-2021-0671
Published: November 18, 2021; 10:15:09 AM -0500

V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-39231 - In Apache Ozone versions prior to 1.2.0, Various internal server-to-server RPC endpoints are available for connections, making it possible for an attacker to download raw data from Datanode and Ozone manager and modify Ratis replication configurat... read CVE-2021-39231
Published: November 19, 2021; 5:15:08 AM -0500

V3.1: 9.1 CRITICAL
V2.0: 6.4 MEDIUM
CVE-2021-36372 - In Apache Ozone versions prior to 1.2.0, Initially generated block tokens are persisted to the metadata database and can be retrieved with authenticated users with permission to the key. Authenticated users may use them even after access is revoked.
Published: November 19, 2021; 5:15:07 AM -0500

V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2021-42363 - The Preview E-Mails for WooCommerce WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the search_order parameter found in the ~/views/form.php file which allows attackers to inject arbitrary web scripts, in versions up to and in... read CVE-2021-42363
Published: November 19, 2021; 11:15:07 AM -0500

V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2021-3519 - A vulnerability was reported in some Lenovo Desktop models that could allow unauthorized access to the boot menu, when the "BIOS Password At Boot Device List" BIOS setting is Yes.
Published: November 12, 2021; 5:15:07 PM -0500

V3.1: 6.8 MEDIUM
V2.0: 6.9 MEDIUM
CVE-2019-8050 - Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Succes... read CVE-2019-8050
Published: August 20, 2019; 5:15:13 PM -0400

V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database