Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-2177

    A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation is failed, stream_out is freed which would further be accessed. A local user could use this flaw to crash the syste... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Apr. 20, 2023
    • Modified: Mar. 18, 2025

  • 5.5

    MEDIUM
    CVE-2023-1583

    A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. When fixed files are unregistered, some context information (file_alloc_{start,end} and alloc_hint) is not cleared. A sub... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Mar. 24, 2023
    • Modified: Feb. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-13227

    In the autofill service, the package name that is provided by the app process is trusted inappropriately.  This could lead to information disclosure with no additional execution privileges needed.  User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Nov. 14, 2024
    • Modified: Nov. 20, 2024

  • 5.5

    MEDIUM
    CVE-2022-49751

    In the Linux kernel, the following vulnerability has been resolved: w1: fix WARNING after calling w1_process() I got the following WARNING message while removing driver(ds2482): ------------[ cut here ]------------ do not call blocking ops when !TASK_R... Read more

    Affected Products : linux_kernel
    • Published: Mar. 27, 2025
    • Modified: Apr. 14, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2017-12982

    The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service (memory allocation failure) in the opj_image_create function in lib/open... Read more

    Affected Products : openjpeg
    • EPSS Score: %0.27
    • Published: Aug. 21, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-49727

    In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg When len >= INT_MAX - transhdrlen, ulen = len + transhdrlen will be overflow. To fix, we can follow what udpv6 does and subtract th... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Mar. 07, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2017-12912

    The "mpglibDBL/layer3.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a read access violation when opening a crafted MP3 file.... Read more

    Affected Products : mp3gain
    • EPSS Score: %0.16
    • Published: Sep. 07, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-49568

    In the Linux kernel, the following vulnerability has been resolved: KVM: Don't null dereference ops->destroy A KVM device cleanup happens in either of two callbacks: 1) destroy() which is called when the VM is being destroyed; 2) release() which is call... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Feb. 26, 2025

  • 5.5

    MEDIUM
    CVE-2017-12911

    The "apetag.c" file in MP3Gain 1.5.2.r2 has a vulnerability which results in a stack memory corruption when opening a crafted MP3 file.... Read more

    Affected Products : mp3gain
    • EPSS Score: %0.22
    • Published: Sep. 07, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2022-49224

    In the Linux kernel, the following vulnerability has been resolved: power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this fun... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2022-49123

    In the Linux kernel, the following vulnerability has been resolved: ath11k: Fix frames flush failure caused by deadlock We are seeing below warnings: kernel: [25393.301506] ath11k_pci 0000:01:00.0: failed to flush mgmt transmit queue 0 kernel: [25398.4... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2022-49007

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry() Syzbot reported a null-ptr-deref bug: NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 25, 2024

  • 5.5

    MEDIUM
    CVE-2022-48987

    In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verify the v4l2_bt_timings blanking fields in order to avoid integer overflows when userspace... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 01, 2024

  • 5.5

    MEDIUM
    CVE-2022-48969

    In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Fix NULL sring after live migration A NAPI is setup for each network sring to poll data to kernel The sring with source host is destroyed before live migration and new sri... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 25, 2024

  • 5.5

    MEDIUM
    CVE-2022-48961

    In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix unbalanced fwnode reference count in mdio_device_release() There is warning report about of_node refcount leak while probing mdio device: OF: ERROR: memory leak, expecte... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 5.5

    MEDIUM
    CVE-2022-48907

    In the Linux kernel, the following vulnerability has been resolved: auxdisplay: lcd2s: Fix memory leak in ->remove() Once allocated the struct lcd2s_data is never freed. Fix the memory leak by switching to devm_kzalloc().... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Sep. 12, 2024

  • 5.5

    MEDIUM
    CVE-2022-49028

    In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevf_init_module() ixgbevf_init_module() won't destroy the workqueue created by create_singlethread_workqueue() when pci_register_driver() failed. Add d... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 5.5

    MEDIUM
    CVE-2022-48863

    In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix memory leak in dsp_pipeline_build() dsp_pipeline_build() allocates dup pointer by kstrdup(cfg), but then it updates dup variable by strsep(&dup, "|"). As a result when it cal... Read more

    Affected Products : linux_kernel
    • Published: Jul. 16, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48691

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: clean up hook list when offload flags check fails splice back the hook list so nft_chain_release_hook() has a chance to release the hooks. BUG: memory leak unrefe... Read more

    Affected Products : linux_kernel
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48808

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic when DSA master device unbinds on shutdown Rafael reports that on a system with LX2160A and Marvell DSA switches, if a reboot occurs while the DSA master (dpaa2-eth)... Read more

    Affected Products : linux_kernel
    • Published: Jul. 16, 2024
    • Modified: Nov. 21, 2024
Showing 20 of 292758 Results