The Wayback Machine - https://web.archive.org/web/20201030055336/https://nvd.nist.gov/

National Vulnerability Database

National Vulnerability Database

NVD

Collaborative Vulnerability Metadata Acceptance Process
NVD Release of CVMAP
CVSS Version 3.1 Official Support!
CVSS Version 3.1 Official Support!
New NVD CVE/CPE API and Legacy SOAP Service Retirement!
New NVD CVE/CPE API and Legacy SOAP Service Retirement!


The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

  • CVE-2020-15250 - In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, ... read CVE-2020-15250
    Published: October 12, 2020; 2:15:13 PM -0400

    V3.1: 5.5 MEDIUM
     V2.0: 1.9 LOW

  • CVE-2020-3597 - A vulnerability in the configuration restore feature of Cisco Nexus Data Broker software could allow an unauthenticated, remote attacker to perform a directory traversal attack on an affected device. The vulnerability is due to insufficient valida... read CVE-2020-3597
    Published: October 08, 2020; 1:15:15 AM -0400

    V3.1: 5.4 MEDIUM
     V2.0: 5.8 MEDIUM

  • CVE-2019-8774 - A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service.
    Published: October 27, 2020; 4:15:19 PM -0400

    V3.1: 5.5 MEDIUM
     V2.0: 4.3 MEDIUM

  • CVE-2019-8771 - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy.
    Published: October 27, 2020; 4:15:19 PM -0400

    V3.1: 6.1 MEDIUM
     V2.0: 4.3 MEDIUM

  • CVE-2019-8708 - A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15, iOS 13. A local user may be able to check for the existence of arb... read CVE-2019-8708
    Published: October 27, 2020; 4:15:17 PM -0400

    V3.1: 5.5 MEDIUM
     V2.0: 2.1 LOW

  • CVE-2019-8696 - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to ex... read CVE-2019-8696
    Published: October 27, 2020; 4:15:17 PM -0400

    V3.1: 8.8 HIGH
     V2.0: 6.5 MEDIUM

  • CVE-2019-8709 - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be ... read CVE-2019-8709
    Published: October 27, 2020; 4:15:17 PM -0400

    V3.1: 7.8 HIGH
     V2.0: 9.3 HIGH

  • CVE-2019-8715 - A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15, iOS 13. An application may be able to execute arbit... read CVE-2019-8715
    Published: October 27, 2020; 4:15:17 PM -0400

    V3.1: 7.8 HIGH
     V2.0: 9.3 HIGH

  • CVE-2018-4391 - An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a mali... read CVE-2018-4391
    Published: October 27, 2020; 4:15:13 PM -0400

    V3.1: 5.5 MEDIUM
     V2.0: 4.3 MEDIUM

  • CVE-2018-4390 - An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a mali... read CVE-2018-4390
    Published: October 27, 2020; 4:15:13 PM -0400

    V3.1: 5.5 MEDIUM
     V2.0: 4.3 MEDIUM

  • CVE-2019-8901 - This issue was addressed by verifying host keys when connecting to a previously-known SSH server. This issue is fixed in iOS 13.1 and iPadOS 13.1. An attacker in a privileged network position may be able to intercept SSH traffic from the “Run scri... read CVE-2019-8901
    Published: October 27, 2020; 5:15:13 PM -0400

    V3.1: 6.5 MEDIUM
     V2.0: 4.0 MEDIUM

  • CVE-2018-4428 - A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 12.1.1. A local attacker may be able to share items from the lock s... read CVE-2018-4428
    Published: October 27, 2020; 4:15:13 PM -0400

    V3.1: 7.1 HIGH
     V2.0: 3.6 LOW

  • CVE-2018-4451 - This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation.
    Published: October 27, 2020; 4:15:13 PM -0400

    V3.1: 7.8 HIGH
     V2.0: 9.3 HIGH

  • CVE-2018-4452 - A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra,... read CVE-2018-4452
    Published: October 27, 2020; 4:15:13 PM -0400

    V3.1: 7.8 HIGH
     V2.0: 9.3 HIGH

  • CVE-2018-4467 - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra,... read CVE-2018-4467
    Published: October 27, 2020; 4:15:14 PM -0400

    V3.1: 7.8 HIGH
     V2.0: 4.6 MEDIUM

  • CVE-2018-4468 - This issue was addressed by removing additional entitlements. This issue is fixed in macOS Mojave 10.14.1, Security Update 2018-002 High Sierra, Security Update 2018-005 Sierra. A malicious application may be able to access restricted files.
    Published: October 27, 2020; 4:15:14 PM -0400

    V3.1: 5.5 MEDIUM
     V2.0: 2.1 LOW

  • CVE-2019-8855 - An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to access restricted files.
    Published: October 27, 2020; 5:15:13 PM -0400

    V3.1: 6.3 MEDIUM
     V2.0: 4.3 MEDIUM

  • CVE-2019-8856 - An API issue existed in the handling of outgoing phone calls initiated with Siri. This issue was addressed with improved state handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-0... read CVE-2019-8856
    Published: October 27, 2020; 5:15:13 PM -0400

    V3.1: 3.3 LOW
     V2.0: 4.3 MEDIUM

  • CVE-2019-8612 - A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, tvOS 12.3, watchOS 5.2.1, macOS Mojave 10.14.5, Security Update 2019-00... read CVE-2019-8612
    Published: October 27, 2020; 4:15:16 PM -0400

    V3.1: 6.5 MEDIUM
     V2.0: 4.0 MEDIUM

  • CVE-2019-8592 - A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, tvOS 12.3, watchOS 5.2.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Mojave 10... read CVE-2019-8592
    Published: October 27, 2020; 4:15:16 PM -0400

    V3.1: 7.8 HIGH
     V2.0: 6.8 MEDIUM