Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-53129

    In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: Fix a dereferenced before check warning The 'state' can't be NULL, we should check crtc_state. Fix warning: drivers/gpu/drm/rockchip/rockchip_drm_vop.c:1096 vop_plan... Read more

    Affected Products : linux_kernel
    • Published: Dec. 04, 2024
    • Modified: Dec. 14, 2024

  • 5.5

    MEDIUM
    CVE-2024-53127

    In the Linux kernel, the following vulnerability has been resolved: Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" The commit 8396c793ffdf ("mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K") increased the max_req_size, ev... Read more

    Affected Products : linux_kernel
    • Published: Dec. 04, 2024
    • Modified: Dec. 14, 2024

  • 5.5

    MEDIUM
    CVE-2022-28786

    Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.... Read more

    Affected Products : android dex
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-28785

    Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.... Read more

    Affected Products : android dex
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-53131

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint Patch series "nilfs2: fix null-ptr-deref bugs on block tracepoints". This series fixes null pointer dereference bugs that oc... Read more

    Affected Products : linux_kernel
    • Published: Dec. 04, 2024
    • Modified: Dec. 14, 2024

  • 5.5

    MEDIUM
    CVE-2022-28850

    Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this... Read more

    Affected Products : macos windows bridge
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-28856

    Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Ex... Read more

    Affected Products : macos windows indesign
    • Published: Sep. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-28654

    is_closing_session() allows users to fill up apport.log... Read more

    Affected Products : ubuntu_linux apport apport
    • Published: Jun. 04, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-28645

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o... Read more

    Affected Products : microstation_connect microstation view
    • Published: Mar. 29, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-28652

    ~/.config/apport/settings parsing is vulnerable to "billion laughs" attack... Read more

    Affected Products : ubuntu_linux apport apport
    • Published: Jun. 04, 2024
    • Modified: Mar. 13, 2025

  • 5.5

    MEDIUM
    CVE-2022-28658

    Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing... Read more

    Affected Products : ubuntu_linux apport apport
    • Published: Jun. 04, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-28543

    Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to read arbitrary files as Samsung Flow permission.... Read more

    Affected Products : samsung_flow flow
    • Published: Apr. 11, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-53121

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware deletio... Read more

    Affected Products : linux_kernel
    • Published: Dec. 02, 2024
    • Modified: Dec. 14, 2024

  • 5.5

    MEDIUM
    CVE-2022-28506

    There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.... Read more

    Affected Products : fedora giflib
    • Published: Apr. 25, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-28656

    is_closing_session() allows users to consume RAM in the Apport process... Read more

    Affected Products : ubuntu_linux apport apport
    • Published: Jun. 04, 2024
    • Modified: Mar. 19, 2025

  • 5.5

    MEDIUM
    CVE-2024-53115

    In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: avoid null_ptr_deref in vmw_framebuffer_surface_create_handle The 'vmw_user_object_buffer' function may return NULL with incorrect inputs. To avoid possible null pointer der... Read more

    Affected Products : linux_kernel
    • Published: Dec. 02, 2024
    • Modified: Dec. 11, 2024

  • 5.5

    MEDIUM
    CVE-2022-28389

    mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.... Read more

    • Published: Apr. 03, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-53109

    In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vma_iter_prealloc() When deleting a vma entry from a maple tree, it has to pass NULL to vma_iter_prealloc() in order to calculate internal state of the tree... Read more

    Affected Products : linux_kernel
    • Published: Dec. 02, 2024
    • Modified: Dec. 11, 2024

  • 5.5

    MEDIUM
    CVE-2022-28384

    An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they allow an offline brute-force attack for determining the correct passcode, and thus gaining unauthorized access to the stored encrypted data. This affect... Read more

    • Published: Jun. 08, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-28312

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ... Read more

    Affected Products : microstation_connect microstation view
    • Published: Mar. 29, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 293426 Results