Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-29869

    Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written i... Read more

    Affected Products : hive
    • Published: Jan. 28, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2017-9412

    The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file.... Read more

    Affected Products : lame
    • EPSS Score: %2.48
    • Published: Jul. 27, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-27860

    The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An application may be able to read restricted memory.... Read more

    Affected Products : macos
    • Published: Sep. 17, 2024
    • Modified: Mar. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-9374

    Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the device.... Read more

    Affected Products : qemu
    • EPSS Score: %0.09
    • Published: Jun. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-27068

    In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path If devm_krealloc() fails, then 'efuse' is leaking. So free it to avoid a leak.... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Dec. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-27033

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to remove unnecessary f2fs_bug_on() to avoid panic verify_blkaddr() will trigger panic once we inject fault into f2fs_is_valid_blkaddr(), fix to remove this unnecessary f2fs_b... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Dec. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-27011

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak in map from abort path The delete set command does not rely on the transaction object for element removal, therefore, a combination of delete element +... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Dec. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-26970

    In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 01, 2024
    • Modified: Mar. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-26853

    In the Linux kernel, the following vulnerability has been resolved: igc: avoid returning frame twice in XDP_REDIRECT When a frame can not be transmitted in XDP_REDIRECT (e.g. due to a full queue), it is necessary to free it by calling xdp_return_frame_r... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Apr. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-26831

    In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshake_req_destroy_test1 Recently, handshake_req_destroy_test1 started failing: Expected handshake_req_destroy_test == req, but handshake_req_destroy_test == ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Apr. 02, 2025

  • 5.5

    MEDIUM
    CVE-2017-9373

    Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device.... Read more

    Affected Products : debian_linux qemu
    • EPSS Score: %0.09
    • Published: Jun. 16, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-26817

    In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow.... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 13, 2024
    • Modified: Feb. 03, 2025

  • 5.5

    MEDIUM
    CVE-2024-26774

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt Determine if bb_fragments is 0 instead of determining bb_free to eliminate the risk of dividing by z... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Jun. 19, 2025

  • 5.5

    MEDIUM
    CVE-2024-26740

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: use the backlog for mirred ingress The test Davide added in commit ca22da2fbd69 ("act_mirred: use the backlog for nested calls to mirred ingress") hangs our testi... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Mar. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-26738

    In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: DLPAR add doesn't completely initialize pci_controller When a PCI device is dynamically added, the kernel oopses with a NULL pointer dereference: BUG: Kernel N... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Jan. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-26719

    In the Linux kernel, the following vulnerability has been resolved: nouveau: offload fence uevents work to workqueue This should break the deadlock between the fctx lock and the irq lock. This offloads the processing off the work from the irq into a wo... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Feb. 03, 2025

  • 5.5

    MEDIUM
    CVE-2024-26618

    In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Always exit sme_alloc() early with existing storage When sme_alloc() is called with existing storage and we are not flushing we will always allocate new storage, both leaking... Read more

    Affected Products : linux_kernel
    • Published: Mar. 11, 2024
    • Modified: May. 22, 2025

  • 5.5

    MEDIUM
    CVE-2024-2611

    A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.... Read more

    • Published: Mar. 19, 2024
    • Modified: Apr. 01, 2025

  • 5.5

    MEDIUM
    CVE-2017-9259

    The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted wav file.... Read more

    Affected Products : soundtouch
    • EPSS Score: %4.22
    • Published: Jul. 27, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-9242

    The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted sy... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.05
    • Published: May. 27, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292512 Results