NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
319151	8.8	HIGH Network	microsoft	sql_2016_azure_connect_feature_pack sql_server_2016 sql_server_2017 sql_server_2019 sql_server_2022	Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability	NVD-CWE-noinfo	CVE-2024-26191	2024-09-24 01:51	2024-09-11	Show	GitHub Exploit DB Packet Storm

319152	8.8	HIGH Network	microsoft	sql_2016_azure_connect_feature_pack sql_server_2016 sql_server_2017 sql_server_2019 sql_server_2022	Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability	NVD-CWE-noinfo	CVE-2024-26186	2024-09-24 01:48	2024-09-11	Show	GitHub Exploit DB Packet Storm

319153	9.8	CRITICAL Network	microsoft	sql_server_2016 sql_server_2017 sql_server_2019 sql_server_2022 sql_2016_azure_connect_feature_pack	Microsoft SQL Server Elevation of Privilege Vulnerability	NVD-CWE-noinfo	CVE-2024-37341	2024-09-24 01:38	2024-09-11	Show	GitHub Exploit DB Packet Storm

319154	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix missing cleanup on rollforward recovery error In an error injection test of a routine for mount-time recovery, KASAN …	CWE-416 Use After Free	CVE-2024-46781	2024-09-24 01:37	2024-09-18	Show	GitHub Exploit DB Packet Storm

319155	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Free pvr_vm_gpuva after unlink This caused a measurable memory leak. Although the individual allocations are sma…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2024-46779	2024-09-24 01:37	2024-09-18	Show	GitHub Exploit DB Packet Storm

319156	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ila: call nf_unregister_net_hooks() sooner syzbot found an use-after-free Read in ila_nf_input [1] Issue here is that ila_xlat_e…	CWE-416 Use After Free	CVE-2024-46782	2024-09-24 01:32	2024-09-18	Show	GitHub Exploit DB Packet Storm

319157	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm95234) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if…	CWE-191 Integer Underflow (Wrap or Wraparound)	CVE-2024-46758	2024-09-24 01:29	2024-09-18	Show	GitHub Exploit DB Packet Storm

319158	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775-core) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underfl…	CWE-191 Integer Underflow (Wrap or Wraparound)	CVE-2024-46757	2024-09-24 01:29	2024-09-18	Show	GitHub Exploit DB Packet Storm

319159	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83627ehf) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow …	CWE-191 Integer Underflow (Wrap or Wraparound)	CVE-2024-46756	2024-09-24 01:29	2024-09-18	Show	GitHub Exploit DB Packet Storm

319160	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow…	CWE-191 Integer Underflow (Wrap or Wraparound)	CVE-2024-46759	2024-09-24 01:28	2024-09-18	Show	GitHub Exploit DB Packet Storm

319161	4.3	MEDIUM Network	microsoft	sql_2016_azure_connect_feature_pack sql_server_2017 sql_server_2019 sql_server_2022 sql_server_2016	Microsoft SQL Server Native Scoring Information Disclosure Vulnerability	NVD-CWE-noinfo	CVE-2024-37342	2024-09-24 01:28	2024-09-11	Show	GitHub Exploit DB Packet Storm

319162	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: usb: schedule rx work after everything is set up Right now it's possible to hit NULL pointer dereference in rtw_rx_f…	CWE-476 NULL Pointer Dereference	CVE-2024-46760	2024-09-24 01:18	2024-09-18	Show	GitHub Exploit DB Packet Storm

319163	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NULL dereference on XDP_TX If number of TX queues are set to 1 we get a NULL pointer dereferenc…	CWE-476 NULL Pointer Dereference	CVE-2024-46799	2024-09-24 01:17	2024-09-18	Show	GitHub Exploit DB Packet Storm

319164	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ice: move netif_queue_set_napi to rtnl-protected sections Currently, netif_queue_set_napi() is called from ice_vsi_rebuild() that…	CWE-787 Out-of-bounds Write	CVE-2024-46766	2024-09-24 01:15	2024-09-18	Show	GitHub Exploit DB Packet Storm

319165	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fou_gro_receive() while shutting down a host. [0] The NULL poin…	CWE-476 NULL Pointer Dereference	CVE-2024-46763	2024-09-24 01:14	2024-09-18	Show	GitHub Exploit DB Packet Storm

319166	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ice: Add netif_device_attach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to ac…	CWE-476 NULL Pointer Dereference	CVE-2024-46770	2024-09-24 01:13	2024-09-18	Show	GitHub Exploit DB Packet Storm

319167	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmd_irqfd_assign() …	CWE-416 Use After Free	CVE-2024-46762	2024-09-24 01:12	2024-09-18	Show	GitHub Exploit DB Packet Storm

319168	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv The hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel c…	CWE-476 NULL Pointer Dereference	CVE-2024-46761	2024-09-24 01:06	2024-09-18	Show	GitHub Exploit DB Packet Storm

319169	7.8	HIGH Local	microsoft	windows_server_2008 windows_server_2012 windows_10_1809 windows_server_2019 windows_server_2022 windows_11_21h2 windows_10_21h2 windows_11_22h2 windows_10_22h2 windows_11_2…	Windows Security Zone Mapping Security Feature Bypass Vulnerability	NVD-CWE-noinfo	CVE-2024-30073	2024-09-24 00:08	2024-09-11	Show	GitHub Exploit DB Packet Storm

319170	5.5	MEDIUM Local	intel	raid_web_console	Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable information disclosure via local access.	NVD-CWE-noinfo	CVE-2024-28170	2024-09-23 23:49	2024-09-17	Show	GitHub Exploit DB Packet Storm

319171	5.5	MEDIUM Local	intel	raid_web_console	NULL pointer dereference in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable denial of service via local access.	CWE-476 NULL Pointer Dereference	CVE-2024-32666	2024-09-23 23:47	2024-09-17	Show	GitHub Exploit DB Packet Storm

319172	4.7	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings A sysfs reader can race with a device reset or removal, attempting to…	NVD-CWE-noinfo	CVE-2024-46679	2024-09-23 23:47	2024-09-13	Show	GitHub Exploit DB Packet Storm

319173	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix random crash seen while removing driver This fixes the random kernel crash seen while removing the driv…	NVD-CWE-noinfo	CVE-2024-46680	2024-09-23 23:45	2024-09-13	Show	GitHub Exploit DB Packet Storm

319174	5.7	MEDIUM Adjacent	intel	raid_web_console	Improper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable denial of service via adjacent access.	NVD-CWE-noinfo	CVE-2024-32940	2024-09-23 23:44	2024-09-17	Show	GitHub Exploit DB Packet Storm

319175	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: bonding: change ipsec_lock from spin lock to mutex In the cited commit, bond->ipsec_lock is added to protect ipsec_list, hence xd…	CWE-667 Improper Locking	CVE-2024-46678	2024-09-23 23:44	2024-09-13	Show	GitHub Exploit DB Packet Storm

319176	5.5	MEDIUM Local	intel	raid_web_console	Uncaught exception in Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable denial of service via local access.	NVD-CWE-Other	CVE-2024-33848	2024-09-23 23:43	2024-09-17	Show	GitHub Exploit DB Packet Storm

319177	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Add poll mod list filling check In case of im_protocols value is 1 and tm_protocols value is 0 this combination succe…	CWE-369 Divide By Zero	CVE-2024-46676	2024-09-23 23:42	2024-09-13	Show	GitHub Exploit DB Packet Storm

319178	5.4	MEDIUM Network	cryoutcreations	mantra	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Mantra allows Stored XSS.This issue affects Mantra: from n/a through 3.3.2.	CWE-79 Cross-site Scripting	CVE-2024-44056	2024-09-23 23:39	2024-09-15	Show	GitHub Exploit DB Packet Storm

319179	7.8	HIGH Local	intel	raid_web_console	Uncontrolled search path element in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access.	CWE-427 Uncontrolled Search Path Element	CVE-2024-34153	2024-09-23 23:35	2024-09-17	Show	GitHub Exploit DB Packet Storm

319180	5.4	MEDIUM Network	cryoutcreations	nirvana	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Nirvana allows Stored XSS.This issue affects Nirvana: from n/a through 1.6…	CWE-79 Cross-site Scripting	CVE-2024-44057	2024-09-23 23:33	2024-09-15	Show	GitHub Exploit DB Packet Storm

319181	5.4	MEDIUM Network	cryoutcreations	parabola	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Parabola allows Stored XSS.This issue affects Parabola: from n/a through 2…	CWE-79 Cross-site Scripting	CVE-2024-44058	2024-09-23 23:28	2024-09-15	Show	GitHub Exploit DB Packet Storm

319182	5.4	MEDIUM Network	cryoutcreations	fluida	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Fluida allows Stored XSS.This issue affects Fluida: from n/a through 1.8.8.	CWE-79 Cross-site Scripting	CVE-2024-44054	2024-09-23 23:23	2024-09-15	Show	GitHub Exploit DB Packet Storm

319183	7.8	HIGH Local	intel	raid_web_console	Improper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access.	NVD-CWE-noinfo	CVE-2024-34543	2024-09-23 23:17	2024-09-17	Show	GitHub Exploit DB Packet Storm

319184	5.7	MEDIUM Adjacent	intel	raid_web_console	Improper access control in Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable denial of service via adjacent access.	NVD-CWE-noinfo	CVE-2024-36261	2024-09-23 23:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

319185	5.7	MEDIUM Adjacent	intel	raid_web_console	Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable denial of service via adjacent access.	NVD-CWE-noinfo	CVE-2024-36247	2024-09-23 23:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

319186	5.7	MEDIUM Adjacent	intel	raid_web_console	Improper input validation in some Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable information disclosure via adjacent access.	NVD-CWE-noinfo	CVE-2024-34545	2024-09-23 23:13	2024-09-17	Show	GitHub Exploit DB Packet Storm

319187	6.5	MEDIUM Adjacent	espressif	esp-now	ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated …	CWE-345 Insufficient Verification of Data Authenticity	CVE-2024-42483	2024-09-23 23:06	2024-09-13	Show	GitHub Exploit DB Packet Storm

319188	7.8	HIGH Local	refuel	autolabel	An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its classification tasks handle provided CSV files. If a victim user cr…	CWE-1236 Improper Neutralization of Formula Elements in a CSV File	CVE-2024-27320	2024-09-23 22:56	2024-09-12	Show	GitHub Exploit DB Packet Storm

319189	6.5	MEDIUM Network	mattermost	mattermost_mobile	Mattermost Mobile Apps versions <=2.18.0 fail to disable autocomplete during login while typing the password and visible password is selected, which allows the password to get saved in the dictionary…	NVD-CWE-Other	CVE-2024-45833	2024-09-23 22:43	2024-09-16	Show	GitHub Exploit DB Packet Storm

319190	7.5	HIGH Network	vidco	voc_tester	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vidco Software VOC TESTER allows Path Traversal.This issue affects VOC TESTER: before 12.34.8.	CWE-22 Path Traversal	CVE-2024-7609	2024-09-23 18:15	2024-09-11	Show	GitHub Exploit DB Packet Storm

319191	9.8	CRITICAL Network	profelis	passbox	Improper Authentication, Missing Authentication for Critical Function, Improper Authorization vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse.This issue affec…	CWE-287 CWE-306 CWE-285 Improper Authentication Missing Authentication for Critical Function Improper Authorization	CVE-2024-7015	2024-09-23 18:15	2024-09-9	Show	GitHub Exploit DB Packet Storm

319192	-	-	-	-	The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.	-	CVE-2024-27185	2024-09-22 14:15	2024-08-21	Show	GitHub Exploit DB Packet Storm

319193	7.5	HIGH Network	ibm	maximo_application_suite	IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information using man i…	CWE-327 Use of a Broken or Risky Cryptographic Algorithm	CVE-2024-37068	2024-09-21 19:15	2024-09-7	Show	GitHub Exploit DB Packet Storm

319194	8.2	HIGH Network	ibm	security_verify_access_docker security_verify_access	IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote authenticated attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit …	CWE-601 Open Redirect	CVE-2024-35133	2024-09-21 19:15	2024-08-30	Show	GitHub Exploit DB Packet Storm

319195	8.1	HIGH Network	ibm	app_connect_enterprise_certified_container	IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, and 12.1 does not limit calls to unshare in run…	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2022-43915	2024-09-21 19:15	2024-08-24	Show	GitHub Exploit DB Packet Storm

319196	6.5	MEDIUM Network	ibm	cloud_pak_for_security qradar_suite	IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow a remote attacker to obtain sensitive information when a detailed technical…	CWE-209 Information Exposure Through an Error Message	CVE-2023-47728	2024-09-21 19:15	2024-08-17	Show	GitHub Exploit DB Packet Storm

319197	5.5	MEDIUM Local	ibm	cloud_pak_for_security qradar_suite	IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-F…	CWE-312 Cleartext Storage of Sensitive Information	CVE-2024-25024	2024-09-21 19:15	2024-08-15	Show	GitHub Exploit DB Packet Storm

319198	6.5	MEDIUM Network	ibm	db2	IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain non default con…	NVD-CWE-noinfo	CVE-2024-35136	2024-09-21 19:15	2024-08-15	Show	GitHub Exploit DB Packet Storm

319199	6.5	MEDIUM Network	ibm	db2	IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service, under specific non default configurations, as the server may crash when using a s…	CWE-74 Injection	CVE-2024-31882	2024-09-21 19:15	2024-08-15	Show	GitHub Exploit DB Packet Storm

319200	7.5	HIGH Network	ibm	cloud_pak_for_security qradar_suite	IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configura…	NVD-CWE-noinfo	CVE-2024-28799	2024-09-21 19:15	2024-08-15	Show	GitHub Exploit DB Packet Storm