Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-40843

    The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may be able to modify protected parts of the file system.... Read more

    Affected Products : macos
    • Published: Sep. 17, 2024
    • Modified: Mar. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-39489

    In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it's going to leak all that memory and the crypto ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 10, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-15841

    When HOST sends a Special command ID packet, Controller triggers a RAM Dump and FW reset in Snapdragon Mobile in version SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, Snapdragon_High_Med_2016.... Read more

    • Published: May. 06, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-15873

    The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.... Read more

    Affected Products : ubuntu_linux debian_linux busybox
    • Published: Oct. 24, 2017
    • Modified: Jun. 09, 2025

  • 5.5

    MEDIUM
    CVE-2024-36481

    In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parse_btf_field() btf_find_struct_member() might return NULL or an error via the ERR_PTR() macro. However, its caller in parse_btf_field() only checks... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-35986

    In the Linux kernel, the following vulnerability has been resolved: phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered The power_supply frame-work is not really designed for there to be long living in kernel references to power_... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2024
    • Modified: Apr. 04, 2025

  • 5.5

    MEDIUM
    CVE-2024-35953

    In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix deadlock in context_xa ivpu_device->context_xa is locked both in kernel thread and IRQ context. It requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization oth... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2024
    • Modified: Jan. 10, 2025

  • 5.5

    MEDIUM
    CVE-2017-15642

    In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file.... Read more

    Affected Products : debian_linux sound_exchange
    • Published: Oct. 19, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-3567

    A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a... Read more

    Affected Products : enterprise_linux qemu
    • Published: Apr. 10, 2024
    • Modified: May. 06, 2025

  • 5.5

    MEDIUM
    CVE-2024-35247

    In the Linux kernel, the following vulnerability has been resolved: fpga: region: add owner module and take its refcount The current implementation of the fpga region assumes that the low-level module registers a driver for the parent device and uses it... Read more

    Affected Products : linux_kernel
    • Published: Jun. 24, 2024
    • Modified: Feb. 03, 2025

  • 5.5

    MEDIUM
    CVE-2024-34101

    Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR.... Read more

    • Published: May. 15, 2024
    • Modified: Dec. 02, 2024

  • 5.5

    MEDIUM
    CVE-2024-43500

    Windows Resilient File System (ReFS) Information Disclosure Vulnerability... Read more

    • Published: Oct. 08, 2024
    • Modified: Oct. 17, 2024

  • 5.5

    MEDIUM
    CVE-2017-15537

    The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigr... Read more

    Affected Products : linux_kernel
    • Published: Oct. 17, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-27062

    In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram ba... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Apr. 08, 2025

  • 5.5

    MEDIUM
    CVE-2024-27048

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: handle pmk_op allocation failure The kzalloc() in brcmf_pmksa_v3_op() will return null if the physical memory has run out. As a result, if we dereference the null value... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Dec. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-26978

    In the Linux kernel, the following vulnerability has been resolved: serial: max310x: fix NULL pointer dereference in I2C instantiation When trying to instantiate a max14830 device from userspace: echo max14830 0x60 > /sys/bus/i2c/devices/i2c-2/new_... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26889

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix possible buffer overflow struct hci_dev_info has a fixed size name[8] field so in the event that hdev->name is bigger than that strcpy would attempt to write pa... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 17, 2024
    • Modified: Mar. 21, 2025

  • 5.5

    MEDIUM
    CVE-2024-26887

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Fix memory leak This checks if CONFIG_DEV_COREDUMP is enabled before attempting to clone the skb and also make sure btmtk_process_coredump frees the skb passed followi... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Jan. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-26871

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix NULL pointer dereference in f2fs_submit_page_write() BUG: kernel NULL pointer dereference, address: 0000000000000014 RIP: 0010:f2fs_submit_page_write+0x6cf/0x780 [f2fs] Call T... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Jan. 14, 2025

  • 5.5

    MEDIUM
    CVE-2024-26838

    In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix KASAN issue with tasklet KASAN testing revealed the following issue assocated with freeing an IRQ. [50006.466686] Call Trace: [50006.466691] <IRQ> [50006.489538] dump... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Apr. 02, 2025
Showing 20 of 293493 Results