Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-46727

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add otg_master NULL check within resource_log_pipe_topology_update [Why] Coverity reports NULL_RETURN warning. [How] Add otg_master NULL check.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 30, 2024

  • 5.5

    MEDIUM
    CVE-2024-44982

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails If the dpu_format_populate_layout() fails, then FB is prepared, but not cleaned up. This ends up leaking the pin_count on the... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 10, 2024

  • 5.5

    MEDIUM
    CVE-2024-44191

    This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, Xcode 16, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. An app may gain unauthorized access to Bluetooth.... Read more

    • Published: Sep. 17, 2024
    • Modified: Mar. 25, 2025

  • 5.5

    MEDIUM
    CVE-2024-43902

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checker before passing variables Checks null pointer before passing variables to functions. This fixes 3 NULL_RETURNS issues reported by Coverity.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 26, 2024
    • Modified: Aug. 27, 2024

  • 5.5

    MEDIUM
    CVE-2024-42255

    In the Linux kernel, the following vulnerability has been resolved: tpm: Use auth only after NULL check in tpm_buf_check_hmac_response() Dereference auth after NULL check in tpm_buf_check_hmac_response(). Otherwise, unless tpm2_sessions_init() was calle... Read more

    Affected Products : linux_kernel
    • Published: Aug. 08, 2024
    • Modified: Sep. 06, 2024

  • 5.5

    MEDIUM
    CVE-2024-42232

    In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayed_work() and ceph_monc_stop() The way the delayed work is handled in ceph_monc_stop() is prone to races with mon_fault() and possibly also finish_hunting... Read more

    Affected Products : linux_kernel
    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-42076

    In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939_send_one() syzbot reported kernel-infoleak in raw_recvmsg() [1]. j1939_send_one() creates full frame including unused data, but it doesn... Read more

    Affected Products : linux_kernel
    • Published: Jul. 29, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-38200

    arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered, allows local users to cause a denial of service (perf_instruction_pointer NULL pointer dereference an... Read more

    Affected Products : linux_kernel
    • Published: Aug. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-41036

    In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851_start... Read more

    Affected Products : linux_kernel
    • Published: Jul. 29, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-38428

    Delta Electronics DIALink versions 1.2.4.0 and prior is vulnerable to cross-site scripting because an authenticated attacker can inject arbitrary JavaScript code into the parameter name of the API schedule, which may allow an attacker to remotely execute ... Read more

    Affected Products : dialink
    • Published: Nov. 03, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-40973

    In the Linux kernel, the following vulnerability has been resolved: media: mtk-vcodec: potential null pointer deference in SCP The return value of devm_kzalloc() needs to be checked to avoid NULL pointer deference. This is similar to CVE-2022-3113.... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Mar. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-40859

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Sep. 17, 2024
    • Modified: Mar. 25, 2025

  • 5.5

    MEDIUM
    CVE-2024-40779

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web con... Read more

    • Published: Jul. 29, 2024
    • Modified: Mar. 13, 2025

  • 5.5

    MEDIUM
    CVE-2021-38107

    CdrCore.dll in Corel DrawStandard 2020 22.0.0.474 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the curr... Read more

    Affected Products : coreldraw_2020 coreldraw
    • Published: Oct. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-39474

    In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL commit a421ef303008 ("mm: allow !GFP_KERNEL allocations for kvmalloc") includes support for __GFP_NOFAIL, but i... Read more

    Affected Products : linux_kernel
    • Published: Jul. 05, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-38105

    IPPP82.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the curr... Read more

    Affected Products : presentations_2020
    • Published: Oct. 01, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-38114

    libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.... Read more

    Affected Products : debian_linux ffmpeg
    • Published: Aug. 04, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-38661

    In the Linux kernel, the following vulnerability has been resolved: s390/ap: Fix crash in AP internal function modify_bitmap() A system crash like this Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403 Fault in home space mode while using ke... Read more

    Affected Products : linux_kernel
    • Published: Jun. 25, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-38108

    Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of t... Read more

    Affected Products : wordperfect_2020
    • Published: Oct. 02, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-38118

    Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability... Read more

    • Published: Aug. 13, 2024
    • Modified: Aug. 16, 2024
Showing 20 of 292916 Results