Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-53077

    In the Linux kernel, the following vulnerability has been resolved: rpcrdma: Always release the rpcrdma_device's xa_array Dai pointed out that the xa_init_flags() in rpcrdma_add_one() needs to have a matching xa_destroy() in rpcrdma_remove_one() to rele... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 25, 2024

  • 5.5

    MEDIUM
    CVE-2016-4839

    The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior to v1.... Read more

    • EPSS Score: %0.19
    • Published: May. 12, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-49987

    In the Linux kernel, the following vulnerability has been resolved: bpftool: Fix undefined behavior in qsort(NULL, 0, ...) When netfilter has no entry to display, qsort is called with qsort(NULL, 0, ...). This results in undefined behavior, as UBSan rep... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 28, 2024

  • 5.5

    MEDIUM
    CVE-2024-49965

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: remove unreasonable unlock in ocfs2_read_blocks Patch series "Misc fixes for ocfs2_read_blocks", v5. This series contains 2 fixes for ocfs2_read_blocks(). The first patch fix t... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-49944

    In the Linux kernel, the following vulnerability has been resolved: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start In sctp_listen_start() invoked by sctp_inet_listen(), it should set the sk_state back to CLOSED if sctp_autobind... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 13, 2024

  • 5.5

    MEDIUM
    CVE-2016-4679

    An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the "libarchive" component, which allows remote attackers ... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • EPSS Score: %0.63
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-49914

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for pipe_ctx->plane_state in dcn20_program_pipe This commit addresses a null pointer dereference issue in the `dcn20_program_pipe` function. The issue co... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Dec. 09, 2024

  • 5.5

    MEDIUM
    CVE-2024-49911

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func This commit adds a null check for the set_output_gamma function pointer in the dcn20_set_output_tr... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Dec. 14, 2024

  • 5.5

    MEDIUM
    CVE-2024-49886

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bounds". kasan report: [ 19.411889] ====================... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 13, 2024

  • 5.5

    MEDIUM
    CVE-2024-49873

    In the Linux kernel, the following vulnerability has been resolved: mm/filemap: fix filemap_get_folios_contig THP panic Patch series "memfd-pin huge page fixes". Fix multiple bugs that occur when using memfd_pin_folios with hugetlb pages and THP. The ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 5.5

    MEDIUM
    CVE-2024-50000

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() In mlx5e_tir_builder_alloc() kvzalloc() may return NULL which is dereferenced on the next line in a reference to the modify field.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 25, 2024

  • 5.5

    MEDIUM
    CVE-2024-49529

    InDesign Desktop versions 19.0, 20.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this ... Read more

    Affected Products : macos windows indesign
    • Published: Nov. 21, 2024
    • Modified: Dec. 03, 2024

  • 5.5

    MEDIUM
    CVE-2016-4648

    Audio in Apple OS X before 10.11.6 allows local users to obtain sensitive kernel memory-layout information or cause a denial of service (out-of-bounds read) via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.13
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-4663

    An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to cause a denial of service (memory corruption) via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.19
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2016-4742

    NSSecureTextField in Apple OS X before 10.12 does not enable Secure Input, which allows attackers to discover credentials via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.25
    • Published: Sep. 25, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-4628

    IOAcceleratorFamily in Apple iOS before 9.3.3 and watchOS before 2.2.2 allows local users to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via unspecified vectors.... Read more

    Affected Products : iphone_os watchos
    • EPSS Score: %0.09
    • Published: Jul. 22, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2016-4661

    An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "ntfs" component, which misparses disk images and allows attackers to cause a denial of service via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.16
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-47734

    In the Linux kernel, the following vulnerability has been resolved: bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave() syzbot reported a WARNING in bond_xdp_get_xmit_slave. To reproduce this[1], one bond device (bond1) has xdpdrv,... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-47700

    In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of the cluster ratio however this check is missed when tryin... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 23, 2024

  • 5.5

    MEDIUM
    CVE-2016-4581

    fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mo... Read more

    Affected Products : linux_kernel ubuntu_linux linux
    • EPSS Score: %0.08
    • Published: May. 23, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292495 Results