NVD Vulnerability Information Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
319301 8.8 HIGH
Network 		microsoft edge_chromium Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2024-43489 2024-09-24 02:33 2024-09-20 Show GitHub Exploit DB Packet Storm
319302 4.3 MEDIUM
Network 		microsoft edge_chromium Microsoft Edge (Chromium-based) Spoofing Vulnerability NVD-CWE-noinfo
CVE-2024-38221 2024-09-24 02:33 2024-09-20 Show GitHub Exploit DB Packet Storm
319303 8.8 HIGH
Network 		microsoft edge_chromium Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2024-43496 2024-09-24 02:32 2024-09-20 Show GitHub Exploit DB Packet Storm
319304 9.8 CRITICAL
Network 		dlink dar-7000_firmware A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected is an unknown function of the file /view/DBManage/Backup_Server_commit.php. The manipulation of the a… CWE-78
OS Command  		CVE-2024-9004 2024-09-24 02:29 2024-09-20 Show GitHub Exploit DB Packet Storm
319305 8.8 HIGH
Network 		microsoft sql_2016_azure_connect_feature_pack
sql_server_2016
sql_server_2017
sql_server_2019
sql_server_2022 		Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2024-37340 2024-09-24 02:08 2024-09-11 Show GitHub Exploit DB Packet Storm
319306 8.8 HIGH
Network 		microsoft sql_2016_azure_connect_feature_pack
sql_server_2016
sql_server_2017
sql_server_2019
sql_server_2022 		Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2024-37338 2024-09-24 02:04 2024-09-11 Show GitHub Exploit DB Packet Storm
319307 4.3 MEDIUM
Network 		microsoft sql_2016_azure_connect_feature_pack
sql_server_2016
sql_server_2017
sql_server_2019
sql_server_2022 		Microsoft SQL Server Native Scoring Information Disclosure Vulnerability NVD-CWE-noinfo
CVE-2024-37337 2024-09-24 02:00 2024-09-11 Show GitHub Exploit DB Packet Storm
319308 8.8 HIGH
Network 		microsoft sql_2016_azure_connect_feature_pack
sql_server_2016
sql_server_2017
sql_server_2019
sql_server_2022 		Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2024-37335 2024-09-24 01:58 2024-09-11 Show GitHub Exploit DB Packet Storm
319309 9.8 CRITICAL
Network 		fabianros hospital_management_system A vulnerability, which was classified as critical, was found in code-projects Hospital Management System 1.0. This affects an unknown part of the file check_availability.php. The manipulation of the … CWE-89
SQL Injection 		CVE-2024-8944 2024-09-24 01:56 2024-09-18 Show GitHub Exploit DB Packet Storm
319310 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator crb_pipes before used [WHAT & HOW] A denominator cannot be 0, and is checked before used. Thi… CWE-369
 Divide By Zero 		CVE-2024-46772 2024-09-24 01:52 2024-09-18 Show GitHub Exploit DB Packet Storm
319311 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator pbn_div before used [WHAT & HOW] A denominator cannot be 0, and is checked before used. This … CWE-369
 Divide By Zero 		CVE-2024-46773 2024-09-24 01:51 2024-09-18 Show GitHub Exploit DB Packet Storm
319312 8.8 HIGH
Network 		microsoft sql_2016_azure_connect_feature_pack
sql_server_2016
sql_server_2017
sql_server_2019
sql_server_2022 		Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2024-26191 2024-09-24 01:51 2024-09-11 Show GitHub Exploit DB Packet Storm
319313 8.8 HIGH
Network 		microsoft sql_2016_azure_connect_feature_pack
sql_server_2016
sql_server_2017
sql_server_2019
sql_server_2022 		Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2024-26186 2024-09-24 01:48 2024-09-11 Show GitHub Exploit DB Packet Storm
319314 9.8 CRITICAL
Network 		microsoft sql_server_2016
sql_server_2017
sql_server_2019
sql_server_2022
sql_2016_azure_connect_feature_pack 		Microsoft SQL Server Elevation of Privilege Vulnerability NVD-CWE-noinfo
CVE-2024-37341 2024-09-24 01:38 2024-09-11 Show GitHub Exploit DB Packet Storm
319315 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix missing cleanup on rollforward recovery error In an error injection test of a routine for mount-time recovery, KASAN … CWE-416
 Use After Free 		CVE-2024-46781 2024-09-24 01:37 2024-09-18 Show GitHub Exploit DB Packet Storm
319316 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Free pvr_vm_gpuva after unlink This caused a measurable memory leak. Although the individual allocations are sma… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2024-46779 2024-09-24 01:37 2024-09-18 Show GitHub Exploit DB Packet Storm
319317 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ila: call nf_unregister_net_hooks() sooner syzbot found an use-after-free Read in ila_nf_input [1] Issue here is that ila_xlat_e… CWE-416
 Use After Free 		CVE-2024-46782 2024-09-24 01:32 2024-09-18 Show GitHub Exploit DB Packet Storm
319318 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm95234) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2024-46758 2024-09-24 01:29 2024-09-18 Show GitHub Exploit DB Packet Storm
319319 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775-core) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underfl… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2024-46757 2024-09-24 01:29 2024-09-18 Show GitHub Exploit DB Packet Storm
319320 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83627ehf) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow … CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2024-46756 2024-09-24 01:29 2024-09-18 Show GitHub Exploit DB Packet Storm
319321 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow… CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2024-46759 2024-09-24 01:28 2024-09-18 Show GitHub Exploit DB Packet Storm
319322 4.3 MEDIUM
Network 		microsoft sql_2016_azure_connect_feature_pack
sql_server_2017
sql_server_2019
sql_server_2022
sql_server_2016 		Microsoft SQL Server Native Scoring Information Disclosure Vulnerability NVD-CWE-noinfo
CVE-2024-37342 2024-09-24 01:28 2024-09-11 Show GitHub Exploit DB Packet Storm
319323 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: usb: schedule rx work after everything is set up Right now it's possible to hit NULL pointer dereference in rtw_rx_f… CWE-476
 NULL Pointer Dereference 		CVE-2024-46760 2024-09-24 01:18 2024-09-18 Show GitHub Exploit DB Packet Storm
319324 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NULL dereference on XDP_TX If number of TX queues are set to 1 we get a NULL pointer dereferenc… CWE-476
 NULL Pointer Dereference 		CVE-2024-46799 2024-09-24 01:17 2024-09-18 Show GitHub Exploit DB Packet Storm
319325 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ice: move netif_queue_set_napi to rtnl-protected sections Currently, netif_queue_set_napi() is called from ice_vsi_rebuild() that… CWE-787
 Out-of-bounds Write 		CVE-2024-46766 2024-09-24 01:15 2024-09-18 Show GitHub Exploit DB Packet Storm
319326 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fou_gro_receive() while shutting down a host. [0] The NULL poin… CWE-476
 NULL Pointer Dereference 		CVE-2024-46763 2024-09-24 01:14 2024-09-18 Show GitHub Exploit DB Packet Storm
319327 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ice: Add netif_device_attach/detach into PF reset flow Ethtool callbacks can be executed while reset is in progress and try to ac… CWE-476
 NULL Pointer Dereference 		CVE-2024-46770 2024-09-24 01:13 2024-09-18 Show GitHub Exploit DB Packet Storm
319328 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: xen: privcmd: Fix possible access to a freed kirqfd instance Nothing prevents simultaneous ioctl calls to privcmd_irqfd_assign() … CWE-416
 Use After Free 		CVE-2024-46762 2024-09-24 01:12 2024-09-18 Show GitHub Exploit DB Packet Storm
319329 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv The hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel c… CWE-476
 NULL Pointer Dereference 		CVE-2024-46761 2024-09-24 01:06 2024-09-18 Show GitHub Exploit DB Packet Storm
319330 7.8 HIGH
Local 		microsoft windows_server_2008
windows_server_2012
windows_10_1809
windows_server_2019
windows_server_2022
windows_11_21h2
windows_10_21h2
windows_11_22h2
windows_10_22h2
windows_11_2… 		Windows Security Zone Mapping Security Feature Bypass Vulnerability NVD-CWE-noinfo
CVE-2024-30073 2024-09-24 00:08 2024-09-11 Show GitHub Exploit DB Packet Storm
319331 5.5 MEDIUM
Local 		intel raid_web_console Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable information disclosure via local access. NVD-CWE-noinfo
CVE-2024-28170 2024-09-23 23:49 2024-09-17 Show GitHub Exploit DB Packet Storm
319332 5.5 MEDIUM
Local 		intel raid_web_console NULL pointer dereference in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable denial of service via local access. CWE-476
 NULL Pointer Dereference 		CVE-2024-32666 2024-09-23 23:47 2024-09-17 Show GitHub Exploit DB Packet Storm
319333 4.7 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings A sysfs reader can race with a device reset or removal, attempting to… NVD-CWE-noinfo
CVE-2024-46679 2024-09-23 23:47 2024-09-13 Show GitHub Exploit DB Packet Storm
319334 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix random crash seen while removing driver This fixes the random kernel crash seen while removing the driv… NVD-CWE-noinfo
CVE-2024-46680 2024-09-23 23:45 2024-09-13 Show GitHub Exploit DB Packet Storm
319335 5.7 MEDIUM
Adjacent 		intel raid_web_console Improper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable denial of service via adjacent access. NVD-CWE-noinfo
CVE-2024-32940 2024-09-23 23:44 2024-09-17 Show GitHub Exploit DB Packet Storm
319336 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: bonding: change ipsec_lock from spin lock to mutex In the cited commit, bond->ipsec_lock is added to protect ipsec_list, hence xd… CWE-667
 Improper Locking 		CVE-2024-46678 2024-09-23 23:44 2024-09-13 Show GitHub Exploit DB Packet Storm
319337 5.5 MEDIUM
Local 		intel raid_web_console Uncaught exception in Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable denial of service via local access. NVD-CWE-Other
CVE-2024-33848 2024-09-23 23:43 2024-09-17 Show GitHub Exploit DB Packet Storm
319338 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Add poll mod list filling check In case of im_protocols value is 1 and tm_protocols value is 0 this combination succe… CWE-369
 Divide By Zero 		CVE-2024-46676 2024-09-23 23:42 2024-09-13 Show GitHub Exploit DB Packet Storm
319339 5.4 MEDIUM
Network 		cryoutcreations mantra Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Mantra allows Stored XSS.This issue affects Mantra: from n/a through 3.3.2. CWE-79
Cross-site Scripting 		CVE-2024-44056 2024-09-23 23:39 2024-09-15 Show GitHub Exploit DB Packet Storm
319340 7.8 HIGH
Local 		intel raid_web_console Uncontrolled search path element in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access. CWE-427
 Uncontrolled Search Path Element 		CVE-2024-34153 2024-09-23 23:35 2024-09-17 Show GitHub Exploit DB Packet Storm
319341 5.4 MEDIUM
Network 		cryoutcreations nirvana Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Nirvana allows Stored XSS.This issue affects Nirvana: from n/a through 1.6… CWE-79
Cross-site Scripting 		CVE-2024-44057 2024-09-23 23:33 2024-09-15 Show GitHub Exploit DB Packet Storm
319342 5.4 MEDIUM
Network 		cryoutcreations parabola Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Parabola allows Stored XSS.This issue affects Parabola: from n/a through 2… CWE-79
Cross-site Scripting 		CVE-2024-44058 2024-09-23 23:28 2024-09-15 Show GitHub Exploit DB Packet Storm
319343 5.4 MEDIUM
Network 		cryoutcreations fluida Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Fluida allows Stored XSS.This issue affects Fluida: from n/a through 1.8.8. CWE-79
Cross-site Scripting 		CVE-2024-44054 2024-09-23 23:23 2024-09-15 Show GitHub Exploit DB Packet Storm
319344 7.8 HIGH
Local 		intel raid_web_console Improper access control in Intel(R) RAID Web Console software for all versions may allow an authenticated user to potentially enable escalation of privilege via local access. NVD-CWE-noinfo
CVE-2024-34543 2024-09-23 23:17 2024-09-17 Show GitHub Exploit DB Packet Storm
319345 5.7 MEDIUM
Adjacent 		intel raid_web_console Improper access control in Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable denial of service via adjacent access. NVD-CWE-noinfo
CVE-2024-36261 2024-09-23 23:16 2024-09-17 Show GitHub Exploit DB Packet Storm
319346 5.7 MEDIUM
Adjacent 		intel raid_web_console Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable denial of service via adjacent access. NVD-CWE-noinfo
CVE-2024-36247 2024-09-23 23:16 2024-09-17 Show GitHub Exploit DB Packet Storm
319347 5.7 MEDIUM
Adjacent 		intel raid_web_console Improper input validation in some Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable information disclosure via adjacent access. NVD-CWE-noinfo
CVE-2024-34545 2024-09-23 23:13 2024-09-17 Show GitHub Exploit DB Packet Storm
319348 6.5 MEDIUM
Adjacent 		espressif esp-now ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An replay attacks vulnerability was discovered in the implementation of the ESP-NOW because the caches is not differentiated … CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2024-42483 2024-09-23 23:06 2024-09-13 Show GitHub Exploit DB Packet Storm
319349 7.8 HIGH
Local 		refuel autolabel An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its classification tasks handle provided CSV files. If a victim user cr… CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2024-27320 2024-09-23 22:56 2024-09-12 Show GitHub Exploit DB Packet Storm
319350 6.5 MEDIUM
Network 		mattermost mattermost_mobile Mattermost Mobile Apps versions <=2.18.0 fail to disable autocomplete during login while typing the password and visible password is selected, which allows the password to get saved in the dictionary… NVD-CWE-Other
CVE-2024-45833 2024-09-23 22:43 2024-09-16 Show GitHub Exploit DB Packet Storm