National vulnerability database search.

National vulnerability database search This CVE record has been updated after NVD enrichment efforts were completed. 46, 11. 3_20201113_RELEASE(HIK). 10. This vulnerability affects unknown code of the file /boafrm/formDMZ of the component HTTP POST Request Handler. This CVE record has been updated after NVD You can search for vulnerabilities by using specific keywords, vulnerability IDs, or by filtering based on affected software, severity, and other criteria. 3-19. Insufficient data validation in Dawn in Nov 18, 2024 · National Vulnerability Database NVD. Vulnerabilities; CVE-2025-1974 Detail Awaiting Analysis. 3-21. 1 and prior to versions 5. 1 data via a BIO. This CVE record has been updated after NVD Jan 29, 2025 · National Vulnerability Database National Vulnerability Database NVD. x and v4. js application. 11. This vulnerability affects unknown code of the file /php/ping. Vulnerabilities; CVE-2024-7969 Detail Modified. 32. Vulnerabilities; CVE-2019-3568 Detail Description . Jan 8, 2025 · You can access the National Vulnerability Database from their website at nvd. 3 and 6. The NVD includes databases of security checklist references, security related software flaws, product names, and impact metrics. 4-23. 3. Vulnerabilities Search And Statistics; Statistics Results (Refine Search) The NVD anticipates new approaches to structuring vulnerability records and describing the severity of vulnerabilities will be released in the next two years. Apr 29, 2025 · National Vulnerability Database National Vulnerability Database NVD. S. Try a product name, vendor name, CVE name, or an OVAL query. 12. Nov 21, 2024 · National Vulnerability Database National Vulnerability Database NVD. 217 for Windows and Linux platforms. Vulnerabilities Search And Statistics; Sort results by: Sort Search Results (Refine Search) Search Parameters: Keyword (text Jan 12, 2021 · National Vulnerability Database National Vulnerability Database NVD. 141, and 11. The National Vulnerability Database is a U. 3 and below are unaffected, as they do not support DPoP in Local APIs. Sep 20, 2022 · National Vulnerability Database National Vulnerability Database NVD. ProjectSend versions prior to r1720 are Jan 21, 2025 · Vulnerability in the Java VM component of Oracle Database Server. 0 (CVSS v2. 0, 25. Nov 21, 2024 · docker-ce v27. The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. The National Checklist Program (NCP), defined by the NIST SP 800-70, is the U. Vulnerabilities; CVE-2024-49112 Detail Description . During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. " Fixed in version 11. The National Vulnerability Database (NVD) is the U. Apr 15, 2025 · National Vulnerability Database National Vulnerability Database NVD. SEARCH or FT. Vulnerabilities; CVE-2023-20198 Detail Description . x, and 11. Jan 14, 2025 · National Vulnerability Database National Vulnerability Database NVD. Please read the CVSS standards guide to fully understand how to assess vulnerabilities using CVSS and to interpret the resulting scores. , software and shared libraries) to those vulnerabilities. Vulnerabilities; CVE-2024-5910 Detail Description . One such system is the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). Aug 3, 2024 · National Vulnerability Database National Vulnerability Database NVD. 0, 26. Vulnerabilities; CVE-2021-23125 Detail Modified. Apr 23, 2020 · そして、その際に多くの人が利用するのがアメリカ国立標準技術研究所 NIST が管理する NVD（National Vulnerability Database)のサイトではないでしょうか。本記事では NVD の情報だけでの脆弱性調査の課題や、より楽に正しい脆弱性情報を収集するための方法につい Nov 5, 2024 · National Vulnerability Database NVD. 3+, 12. The NVD includes databases of security configuration checklists for the NCP, listings of publicly known software flaws, product names, and impact metrics. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). General Expand or Collapse Search. The vulnerability feeds provide CVE® data organized by the first four digits of a CVE® identifier (except for the 2002 feeds which include vulnerabilities prior to and including "CVE-2002-"). Mar 21, 2025 · If patching to a safe version is infeasible, it is recommend that you prevent external user requests which contain the x-middleware-subrequest header from reaching your Next. gov/ 查询地址：NVD - Search Nov 21, 2024 · The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. 3+, and 12. 4 (Premium) due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Vulnerability in the Oracle Java SE, Oracle Feb 6, 2025 · National Vulnerability Database National Vulnerability Database NVD. If an attacker creates such a large file, the Netty application crashes. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework. 0 Retirement announcement, we no longer provide CVSS v2. This CVE record has been updated after NVD This search engine can perform a keyword search, or a CPE Name search. A malicious actor with local administrative privileges in the Windows guest OS, where VMware Tools is installed, may be able to execute code with system privileges in the Windows guest OS due to an uncontrolled search path element. 中国国家信息安全漏洞库为我国信息安全保障提供服务，通过自主挖掘、社会提交、协作共享、网络搜集以及技术检测等方式，联合政府部门、行业用户、安全厂商、高校和科研机构等社会力量，对涉及国内外主流应用软件、操作系统和网络设备等软硬件系统的信息安全漏洞开展采集收录 Jul 4, 2024 · National Vulnerability Database NVD. 0) contains an uncontrolled search path vulnerability. How to use the KEV May 5, 2025 · Current Description . Apr 25, 2025 · According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells. A stack-based buffer overflow in Ivanti Connect Secure before version 22. 1, CWE, and CPE A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3. verify` or `openpgp. 0 to 2. To request an NVD API Key, please provide your organization name and a valid email address, and Jul 2, 2024 · National Vulnerability Database NVD. Sep 13, 2023 · National Vulnerability Database. government repository of data about software vulnerabilities and configuration settings, leveraging open standards to provide reliable and A vulnerability was found in Hikvision Intercom Broadcasting System 3. Feb 10, 2025 · National Vulnerability Database NVD. US-CERT Vulnerability Notes Database – Contains disclosure records published by CISA. This vulnerability is fixed in 12. Vulnerabilities; CVE-2024-11680 Detail Description . It’s managed by the National Institute of Standards and Technology (NIST). Oct 18, 2024 · ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. 25, and 15. Microsoft Edge (Chromium-based) Remote Code NVD：National Vulnerability Database，美国国家计算机通用漏洞数据库，是权威的漏洞数据收集平台。官网地址： https:// nvd. An OS command injection vulnerability in Ivanti Cloud Services Appliance National Vulnerability Database NVD. Vulnerabilities; CVE-2020-8231 Detail Modified. Apr 3, 2025 · National Vulnerability Database NVD. g. National Vulnerability Database NVD. 23. This data supports security automation efforts based on the Security Content Automation Protocols (SCAP). Vulnerabilities; CVE-2025-21333 Detail Description . 16 and 23. 207 allowed a May 15, 2024 · National Vulnerability Database National Vulnerability Database NVD. This CVE record has been marked for NVD Feb 25, 2025 · National Vulnerability Database NVD. Dec 18, 2013 · Abstract The National Vulnerability Database (NVD), and its companion, the National Checklist Program (NCP), have provided a valuable and flexible set of services to users around the world since NVD was established in 2005. The NVD expects the CVE Program to release CVEv5 in 2023 and for FIRST to release CVSSv4 sometime afterwards. All NIST publications are available in the public domain according to Title 17 of the United States Code, however services which utilize or access the NVD are asked to display the following notice prominently within the application: "This product uses data from the NVD API but is not endorsed or certified by the NVD. Vulnerabilities in the NVD are called Common Vulnerabilities and Exposures (CVE). gov/ 查询地址：NVD - Search Feb 6, 2025 · Affected versions of WhoDB allow users to connect to Sqlite3 databases. caused by an uncontrolled search path in the CP210x VCP Windows installer can lead to privilege escalation and arbitrary code Sep 13, 2023 · National Vulnerability Database. Vulnerabilities; CVE-2024-9474 Detail Description . The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics. 15). This data includes security checklist For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. The attack can be initiated remotely. /tmp/` if development mode is enabled). For more information on how this data was constructed please see the NVD CVSS page . Developers; Data Sources. A use-after-free issue was addressed with May 28, 2020 · The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. By default, the databases must be present in `/db/` (or alternatively `. However, per the NVD CVSS v2. But what is it, and why is it so important for fighting digital threats? The Genesis of the National Sep 20, 2022 · The National Vulnerability Database (NVD) is tasked with analyzing each CVE once it has been published to the CVE List. 0 (CVSS v4. NOTE: Only vulnerabilities that match ALL keywords will be returned, Linux kernel vulnerabilities are categorized separately from vulnerabilities in specific Linux distributions. 6. y and 10. It has been declared as critical. 36. Sep 10, 2024 · National Vulnerability Database NVD. Feb 20, 2025 · The NVD is the U. 115. 4 (Free) and <= 2. Vulnerabilities; CVE-2024-50570 Detail Awaiting Analysis. 0 standards. The NVD was established to provide a U. Vulnerabilities; CVE-2025-24252 Detail Description . This CVE record has been marked for NVD The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4. Oct 29, 2024 · ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. cybersecurity system. Cisco is providing an update for the ongoing . Vulnerabilities; CVE-2024-4947 Detail Description . Vulnerabilities; CVE-2025-26876 Detail Path Traversal vulnerability in CodeManas Search with Typesense allows Path Traversal National Vulnerability Database National Vulnerability Database NVD. 89, 11. The NVD augments the CVE List with additional enrichment, conversion of various data points into SCAP datatypes, a fine-grained search engine and granular APIs. Vulnerabilities; CVE-2025-21587 Detail Description . ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers. Please make use of the interactive search interfaces to find information in the database! The Common Vulnerabilities and Exposures (CVE) Program’s primary purpose is to uniquely identify vulnerabilities and to associate specific versions of code bases (e. 1. Developers; Request an API Key. Vulnerability in the Oracle Java SE, Oracle Mar 17, 2016 · China National Information Security Vulnerability Database, the English name "China National Vulnerability Database of Information Security", referred to as "CNNVD", is maintained by China Information Security Evaluation Center for the effective performance of the functions of vulnerability analysis and risk assessment, responsible for building Dec 3, 2024 · National Vulnerability Database National Vulnerability Database NVD. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). The National Vulnerability Database (NVD) is a key part of the U. Department of Commerce. Vulnerabilities; CVE-2018-7445 Detail Description . 21, and 2. Common Vulnerability Scoring System Calculator This page shows the components of a CVSS assessment and allows you to refine the resulting CVSS score with additional or different metric values. government repository of publicly available security checklists (or benchmarks) that provide detailed low level guidance on setting the security configuration of operating systems and applications. 5, 13. Vulnerabilities; CVE-2024-11187 Detail Awaiting Analysis. Vulnerabilities; CVE-2025-21342 Detail Description . Okta Device Access users not using passwordless are not affected, and customers only using Okta Verify on platforms other than Windows, or only using FastPass Dec 17, 2024 · National Vulnerability Database National Vulnerability Database NVD. Cisco is providing an update for the ongoing Apr 10, 2024 · The National Vulnerability Database is so overwhelmed with a steadily increasing number of software and hardware flaws that the National Institute of Standards and Technology, which maintains the common vulnerabilities and exposures repository, called for a slight pause to regroup and reprioritize its efforts. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. Getting Started. A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code Nov 12, 2024 · An unsafe reading of environment file could potentially cause a denial of service in Netty. A fundamental part of the CVE analysis process is to uniquely identify the vulnerable products affected by any given vulnerability. 6367. An attacker with the compromised PK private key can create malicious UEFI software that is signed with a trusted key that has been compromised. Vulnerabilities; CVE-2024-10905 Detail Awaiting Analysis. 7R2 The National Vulnerability Database (NVD) provides CVSS enrichment for all published CVE records. 28. Feb 7, 2025 · National Vulnerability Database National Vulnerability Database NVD. 0, 23. This CVE record has been marked for NVD National Vulnerability Database National Vulnerability Database NVD. 22 and prior. Vulnerabilities; CVE-2019-11510 Detail Description . What makes Galaxy Guard unique? Galaxy Guard’s extensive coverage, real-time updates, and advanced search capabilities make it an unparalleled resource for vulnerability management and Jan 24, 2025 · National Vulnerability Database NVD. This data includes security checklist Mar 19, 2025 · Simple NIST NVD API wrapper library. decrypt`, causing these functions to return a valid signature verification result while returning data that was not actually signed. Mar 24, 2025 · National Vulnerability Database National Vulnerability Database NVD. NVDlib is a Python library that allows you to interface with the NIST National Vulnerability Database (NVD), pull vulnerabilities (CVEs), and Common Platform Enumeration (CPEs) into easily accessible objects. Checklist Repository. Vulnerabilities; CVE-2024-8190 Detail Description . Aug 26, 2024 · A vulnerability related to the use an insecure Platform Key (PK) has been discovered. Dec 2, 2024 · National Vulnerability Database National Vulnerability Database NVD. The manipulation of the argument submit-url leads to buffer overflow. Type Confusion in V8 in Google Chrome prior Sep 20, 2022 · Common Vulnerability Scoring System v4. 24, 2. Vulnerabilities; CVE-2025-22457 Detail Description . Search Vulnerability Database. Nov 21, 2024 · National Vulnerability Database NVD. The manipulation of the argument jsondata[ip] with the input netstat -ano leads to os command injection. caused by an uncontrolled search path in the CP210x VCP Windows installer can lead to privilege escalation and arbitrary code National Vulnerability Database National Vulnerability Database NVD. 25, 21. 0. Dec 18, 2013 · The National Vulnerability Database (NVD), and its companion, the National Checklist Program (NCP), have provided a valuable and flexible set of services to users around the world since NVD was established in 2005. 24. 1 (CVSS v3. " The National Vulnerability Database (NVD) is the largest publicly available source of vulnerability intelligence. If one is unable to upgrade immediately, avoid using AuthZ plugins and/or restrict access to the Docker API to trusted parties, following the principle of least privilege. This CVE record has been marked for NVD May 5, 2025 · 关于新增快页信息技术有限公司等八家单位为cnvd支撑单位的公告 2024-11-12 Nov 21, 2024 · National Vulnerability Database National Vulnerability Database NVD. 0, 24. Maintained by the National Institute of Standards and Technology (NIST), the NVD serves as the U. 0 should include improved documentation, two new API endpoints providing the public with CPE Match Strings and Data Source records, twelve new parameters for the CVE API that allow users to filter requests based on metadata like CISA's Known Exploited Vulnerabilities (KEV), as well as Dec 18, 2024 · National Vulnerability Database National Vulnerability Database NVD. Nov 16, 2024 · With the ever-increasing number of threats and vulnerabilities, it has become essential to have a system that helps identify and manage these risks effectively. This vulnerability is fixed in 4. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. The National Vulnerability Database (NVD) is a product of the NIST Computer Security Division, Information Technology Laboratory. Mar 29, 2024 · Description . php. This issue was fixed in version 9. This page provides information regarding both the CVE Program and NVD sets of statuses and how they relate to each other. Malicious code was discovered in the upstream tarballs of xz, starting with version 5. x. The vulnerability is addressed in SL1 versions 12. Windows Lightweight Directory Access May 14, 2019 · National Vulnerability Database NVD. Vulnerabilities; CVE-2021-22681 Detail Modified. y prior to 12. x, 10. gov and search for relevant vulnerabilities by their CVE or CPE, or look up checklists that you can follow to enhance your security configurations for the specific software you have deployed. 0-B20230809. Organizations interested in submitting CPE Names should contact the NVD CPE team at [email protected] for help with the processing of their submission. This section of the NVD is designed to give users of the NVD data different ways to look at the data and provide an overview to the data and hopefully spark some interest into why a particular visualization looks the way it does. Vulnerabilities; CVE-2025-31650 Detail Modified. Vulnerabilities; CVE-2024-4761 Detail Description . Users can craft targeted queries using a host of filters. The database file is an user-controlled value. Supported versions that are affected are 19. Jan 8, 2025 · An authenticated redis user executing FT. In Pulse Secure Pulse Connect Secure (PCS) 8 Nov 21, 2024 · docker-ce v27. This CVE record has been marked for NVD Nov 21, 2024 · VMware Tools for Windows (11. This CVE record has been updated after NVD enrichment efforts were completed This vulnerability is patched in IdentityServer 7. 5 days ago · As of December 2009, The National Vulnerability Database is now accepting contributions to the Official CPE Dictionary. Nov 1, 2024 · The vulnerability was discovered via routine penetration testing. 0) Common Weakness Enumerations (CWE) These data types are referred to as submission categories within CVMAP. Vulnerabilities; CVE-2022-32168 Detail Modified. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Missing authentication for a critical Mar 3, 2021 · National Vulnerability Database NVD. 1 containes patches to fix the vulnerability. Search parameters include CVE ID, CVSS score, CWE ID, vendor, product, vulnerability type, publish date, update date, and more. NVD Visualizations. Nov 21, 2024 · The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This vulnerability was added to the CISA Known Exploited Vulnerabilities (KEV) Catalog on 2025-04-28. nist. Jun 16, 2009 · Summary. Products CPE Search; Search Common Platform Enumerations (CPE) This search engine can perform a keyword search, or a CPE Name The National Vulnerability Database (NVD) is a foundational cybersecurity resource that provides detailed information on vulnerabilities across a wide range of software and hardware. The NVD is the U. Vulnerability Status Vulnerability records within the NVD dataset are sourced from the CVE List, which is maintained by the CVE Program, upstream of the NVD. Out of bounds write in V8 in Google Chrome prior to 124. Nov 21, 2024 · An attacker can bypass the security controls by performing a DNS rebinding attack and view sensitive data from internal servers or perform a local port scan. For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Supported versions that are affected are 8. The vulnerability arises due to inappropriate secure coding measures, specifically the lack of proper implementation of the max_depth parameter in the get_article_urls function. 1615. This visualization is a simple graph which shows the distribution of vulnerabilities by severity over time. MITRE CVE List – Comprehensive list of CVE Records provided by MITRE. Feb 13, 2024 · NIST maintains the National Vulnerability Database (NVD), a repository of information on software and hardware flaws that can compromise computer security. In Pulse Secure Pulse Connect Secure (PCS) 8 This NIST SP 800-53 database represents the security controls and associated assessment procedures defined in NIST SP 800-53 Revision 4 Recommended Security Controls for Federal Information Systems and Organizations. The NVD supports Common Vulnerability Scoring System (CVSS) v2. Startinf in version 5. 2. Vulnerabilities; CVE-2023-2005 Detail Modified. This data enables automation of vulnerability management, security measurement, and compliance. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. When loaded on an Windows application, Netty attempts to load a file that does not exist. 8. twitter (link is external) Nov 26, 2024 · National Vulnerability Database National Vulnerability Database NVD. 9, 14. This is a key piece of the nation’s cybersecurity infrastructure. 0) Common Vulnerability Scoring System v3. Published: October 28, 2024; 4:15:06 PM -0400 Mar 3, 2021 · National Vulnerability Database NVD. 1 release branches. This guide looks into the various aspects of NIST NVD to understand Dec 30, 2024 · National Vulnerability Database National Vulnerability Database NVD. Search Parameters: Keyword (text search): spring; Search Type: Search All; There are 276 matching records. Windows Hyper-V NT Kernel Integration VSP NVD：National Vulnerability Database，美国国家计算机通用漏洞数据库，是权威的漏洞数据收集平台。官网地址： https:// nvd. It is maintained by a group within the National Institute of Standards and Technology (NIST) and builds upon the work of MITRE and others. 5. 27. Developers; Products. The NVD website provides a robust search engine to navigate its entire catalog of vulnerability data efficiently. Vulnerabilities; CVE-2024-12356 Detail Description . There is a growing backlog of vulnerabilities submitted to the NVD and requiring analysis. The public API function BIO_new_NDEF is a helper function used for streaming ASN. This CVE record has been marked for NVD Apr 28, 2025 · National Vulnerability Database NVD. 3+. 03, 20. National Vulnerability Database National Vulnerability Database NVD. Vulnerabilities; CVE-2025-23087 Detail These CVEs are stored in the NVD, but do not show up in search results by default. May 8, 2019 · National Vulnerability Database National Vulnerability Database NVD. General; A Brief History of the NVD. Nov 20, 2023 · National Vulnerability Database (NVD) – Extensive CVE vulnerability database maintained by NIST, based on CVE List feed. An attacker can exploit this vulnerability to access highly sensitive internal server(s) and steal sensitive information. Jan 24, 2025 · National Vulnerability Database NVD. 20. Version 6. Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow May 5, 2025 · Current Description . Vulnerabilities; CVE-2024-56516 Detail Awaiting Analysis. This vulnerability is fixed in 2. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. If no databases are present in the default directory, the UI indicates that the user is unable to open any databases. 0 should include improved documentation, two new API endpoints providing the public with CPE Match Strings and Data Source records, twelve new parameters for the CVE API that allow users to filter requests based on metadata like CISA's Known Exploited Vulnerabilities (KEV), as well as 5 days ago · As of December 2009, The National Vulnerability Database is now accepting contributions to the Official CPE Dictionary. Vulnerabilities; CVE-2024-39943 Detail Modified. 0, and 26. The CPE Name search will perform searching for an exact match, as well as searching for all records that contain the components specified in the user-specified Dec 15, 2024 · Exploring the History and Purpose of the National Vulnerability Database. The keyword search will perform searching across all components of the CPE name for the user specified search text. For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository . NIST maintains the National Vulnerability Database (NVD), a repository of information on software and hardware flaws that can compromise computer security. The CVE List is a list of publicly disclosed cybersecurity vulnerabilities and exposures that is free to search, use, and incorporate into products and services. This CVE record has been updated after NVD National Vulnerability Database National Vulnerability Database NVD. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise Java VM. A critical vulnerability has been discovered Mar 19, 2024 · NVD Contact Information. 0, v3. Vulnerabilities; CVE-2024-7256 Detail Description . Patches have also been merged into the master, 19. x, 11. Aug 21, 2024 · National Vulnerability Database National Vulnerability Database NVD. A buffer overflow was found in the MikroTik Nov 21, 2024 · Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). A privilege escalation vulnerability in Palo Alto Networks PAN-OS software Feb 20, 2025 · 国家信息安全漏洞库，为负责建设运维的国家级信息安全漏洞数据管理平台，旨在为我国信息安全保障提供服务。 A Denial of Service (DoS) vulnerability has been identified in the KnowledgeBaseWebReader class of the run-llama/llama_index project, affecting version ~ latest(v0. Integrates with CVSS and CPE. The choice of LOW, MEDIUM and HIGH is based upon the CVSS V2 Base score. Founded in 1901, National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U. government repository of standards-based vulnerability For many users, the most noticeable changes from 1. How to Keep Up-to-Date with the NVD Data Using the Traditional Feeds. 1, a maliciously modified message can be passed to either `openpgp. Vulnerabilities; CVE-2024-38526 Detail Awaiting Analysis. AGGREGATE with a specially crafted LIMIT command argument, or FT. SEARCH with a specially crafted KNN command argument, can trigger an integer overflow, leading to heap overflow and potential remote code execution. js is a JavaScript implementation of the OpenPGP protocol. 0 assessments for newly published CVE records. Vulnerabilities; CVE-2024-49402 Detail Description . 1) Common Vulnerability Scoring System v2. government repository of standards-based vulnerability management data. This effort allows consumers of our data to check for known issues for any product they may currently have in their environment (as long as they know the associated product identifier). Vuln ID Summary CVSS Severity ; CVE-2025-47934: OpenPGP. NVD Contact Form Use this form for submitting general questions, requesting review of NVD analysis data or for questions about CVMAP. NVD analysts use the reference information provided with the CVE and any publicly available information at the time of analysis to associate Reference Tags, Common Vulnerability Scoring System (CVSS) v3. Note: A precondition of this vulnerability is that the user must be using the Okta Device Access passwordless feature. Remediations have been made available for all SL1 versions back to version lines 10. Products CPE Search; Search Common Platform Enumerations (CPE) This search engine can perform a keyword search, or a CPE Name For many users, the most noticeable changes from 1. jhwr bvr qtdq fzmat utqiee fdo mkuizvz rbuuhx sicej auibjz