National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database



The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.
 
Last 20 Scored Vulnerability IDs & Summaries CVSS Severity
  • CVE-2020-1185 — An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-... read CVE-2020-1185
    Published: May 21, 2020; 07:15:18 PM -04:00

    V3.1: 7.8 HIGH
        V2: 4.6 MEDIUM

  • CVE-2020-1184 — An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-... read CVE-2020-1184
    Published: May 21, 2020; 07:15:18 PM -04:00

    V3.1: 7.8 HIGH
        V2: 4.6 MEDIUM

  • CVE-2020-1144 — An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-... read CVE-2020-1144
    Published: May 21, 2020; 07:15:16 PM -04:00

    V3.1: 7.8 HIGH
        V2: 4.6 MEDIUM

  • CVE-2020-12133 — The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.faces.ViewState Java deserialization.
    Published: April 27, 2020; 11:15:12 AM -04:00

    V3.1: 9.8 CRITICAL
        V2: 10.0 HIGH

  • CVE-2020-1191 — An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-... read CVE-2020-1191
    Published: May 21, 2020; 07:15:18 PM -04:00

    V3.1: 7.8 HIGH
        V2: 4.6 MEDIUM

  • CVE-2020-1190 — An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-... read CVE-2020-1190
    Published: May 21, 2020; 07:15:18 PM -04:00

    V3.1: 7.8 HIGH
        V2: 4.6 MEDIUM

  • CVE-2011-1454 — Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document.
    Published: May 03, 2011; 06:55:01 PM -04:00

        V2: 6.8 MEDIUM

  • CVE-2020-1189 — An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-... read CVE-2020-1189
    Published: May 21, 2020; 07:15:18 PM -04:00

    V3.1: 7.8 HIGH
        V2: 4.6 MEDIUM

  • CVE-2011-1804 — rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696.71, does not properly render floats, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown... read CVE-2011-1804
    Published: May 26, 2011; 12:55:05 PM -04:00

        V2: 7.5 HIGH

  • CVE-2020-1068 — An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege... read CVE-2020-1068
    Published: May 21, 2020; 07:15:12 PM -04:00

    V3.1: 7.8 HIGH
        V2: 7.2 HIGH

  • CVE-2011-1456 — Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
    Published: May 03, 2011; 06:55:02 PM -04:00

        V2: 6.8 MEDIUM

  • CVE-2011-1452 — Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload.
    Published: May 03, 2011; 06:55:01 PM -04:00

        V2: 5.8 MEDIUM

  • CVE-2019-20009 — An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.
    Published: December 26, 2019; 08:15:13 PM -05:00

    V3.1: 6.5 MEDIUM
        V2: 4.3 MEDIUM

  • CVE-2011-1451 — Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."
    Published: May 03, 2011; 06:55:01 PM -04:00

        V2: 7.5 HIGH

  • CVE-2011-1449 — Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
    Published: May 03, 2011; 06:55:01 PM -04:00

        V2: 6.8 MEDIUM

  • CVE-2011-1807 — Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger an out-of-bounds write.
    Published: May 26, 2011; 12:55:05 PM -04:00

        V2: 10.0 HIGH

  • CVE-2011-1448 — Google Chrome before 11.0.696.57 does not properly perform height calculations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
    Published: May 03, 2011; 06:55:01 PM -04:00

        V2: 6.8 MEDIUM

  • CVE-2011-1445 — Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
    Published: May 03, 2011; 06:55:01 PM -04:00

        V2: 6.8 MEDIUM

  • CVE-2011-1440 — Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences.
    Published: May 03, 2011; 06:55:01 PM -04:00

        V2: 6.8 MEDIUM

  • CVE-2011-1437 — Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering.
    Published: May 03, 2011; 06:55:01 PM -04:00

        V2: 6.8 MEDIUM