NVD

Icon for New NVD Communications and Status Updates Page

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Legal Disclaimer:

Here is where you can read the NVD legal disclaimer.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

CVE-2023-35841 - Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0.
Published: May 14, 2024; 12:15:36 PM -0400
CVE-2023-52701 - In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb->mark syzbot found arm64 builds would crash in sock_recv_mark() when CONFIG_HARDENED_USERCOPY=y x86 and powerpc are not detecting the i... read CVE-2023-52701
Published: May 21, 2024; 12:15:12 PM -0400

V3.1: 7.1 HIGH
CVE-2023-52704 - In the Linux kernel, the following vulnerability has been resolved: freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL Tetsuo-San noted that commit f5d39b020809 ("freezer,sched: Rewrite core freezer logic") broke call_usermodehelper_exec() ... read CVE-2023-52704
Published: May 21, 2024; 12:15:12 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52732 - In the Linux kernel, the following vulnerability has been resolved: ceph: blocklist the kclient when receiving corrupted snap trace When received corrupted snap trace we don't know what exactly has happened in MDS side. And we shouldn't continue... read CVE-2023-52732
Published: May 21, 2024; 12:15:13 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52742 - In the Linux kernel, the following vulnerability has been resolved: net: USB: Fix wrong-direction WARNING in plusb.c The syzbot fuzzer detected a bug in the plusb network driver: A zero-length control-OUT transfer was treated as a read instead o... read CVE-2023-52742
Published: May 21, 2024; 12:15:14 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52743 - In the Linux kernel, the following vulnerability has been resolved: ice: Do not use WQ_MEM_RECLAIM flag for workqueue When both ice and the irdma driver are loaded, a warning in check_flush_dependency is being triggered. This is due to ice drive... read CVE-2023-52743
Published: May 21, 2024; 12:15:14 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52750 - In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly byte-swap NOP when compiling for big-endia... read CVE-2023-52750
Published: May 21, 2024; 12:15:14 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52778 - In the Linux kernel, the following vulnerability has been resolved: mptcp: deal with large GSO size After the blamed commit below, the TCP sockets (and the MPTCP subflows) can build egress packets larger than 64K. That exceeds the maximum DSS da... read CVE-2023-52778
Published: May 21, 2024; 12:15:16 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52781 - In the Linux kernel, the following vulnerability has been resolved: usb: config: fix iteration issue in 'usb_get_bos_descriptor()' The BOS descriptor defines a root descriptor and is the base descriptor for accessing a family of related descript... read CVE-2023-52781
Published: May 21, 2024; 12:15:17 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52784 - In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bond_setup_by_slave() Commit 9eed321cde22 ("net: lapbether: only support ethernet devices") has been able to keep syzbot away from net/lapb, until to... read CVE-2023-52784
Published: May 21, 2024; 12:15:17 PM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52786 - In the Linux kernel, the following vulnerability has been resolved: ext4: fix racy may inline data check in dio write syzbot reports that the following warning from ext4_iomap_begin() triggers as of the commit referenced below: if (WARN... read CVE-2023-52786
Published: May 21, 2024; 12:15:17 PM -0400

V3.1: 4.7 MEDIUM
CVE-2023-52692 - In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() scarlett2_usb_set_config() calls scarlett2_usb_get() but was not checking the result. Return the error if ... read CVE-2023-52692
Published: May 17, 2024; 11:15:20 AM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52697 - In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL sof_sdw_rt_sdca_jack_exit() are used by different codecs, and some of them use the same dai name. For exa... read CVE-2023-52697
Published: May 17, 2024; 11:15:20 AM -0400

V3.1: 7.1 HIGH
CVE-2023-52660 - In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ handling due to shared interrupts The driver requests the interrupts as IRQF_SHARED, so the interrupt handlers can be called at any time. If such a call h... read CVE-2023-52660
Published: May 17, 2024; 9:15:57 AM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52671 - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix hang/underflow when transitioning to ODM4:1 [Why] Under some circumstances, disabling an OPTC and attempting to reclaim its OPP(s) for a different OPTC coul... read CVE-2023-52671
Published: May 17, 2024; 10:15:10 AM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52676 - In the Linux kernel, the following vulnerability has been resolved: bpf: Guard stack limits against 32bit overflow This patch promotes the arithmetic around checking stack bounds to be done in the 64-bit domain, instead of the current 32bit. The... read CVE-2023-52676
Published: May 17, 2024; 11:15:18 AM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52677 - In the Linux kernel, the following vulnerability has been resolved: riscv: Check if the code to patch lies in the exit section Otherwise we fall through to vmalloc_to_page() which panics since the address does not lie in the vmalloc region.
Published: May 17, 2024; 11:15:18 AM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52678 - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c Before using list_first_entry, make sure to check that list is not empty, if list is em... read CVE-2023-52678
Published: May 17, 2024; 11:15:19 AM -0400

V3.1: 5.5 MEDIUM
CVE-2023-52680 - In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error checks to *_ctl_get() The *_ctl_get() functions which call scarlett2_update_*() were not checking the return value. Fix to check the return va... read CVE-2023-52680
Published: May 17, 2024; 11:15:19 AM -0400

V3.1: 5.5 MEDIUM
CVE-2025-36139 - IBM Lakehouse (watsonx.data 2.2) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials... read CVE-2025-36139
Published: September 18, 2025; 12:15:50 PM -0400

V3.1: 4.8 MEDIUM

Created September 20, 2022 , Updated August 27, 2024

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

Legal Disclaimer: