Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-21964

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 01, 2025
    • Modified: Apr. 14, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2023-36009

    Microsoft Word Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.19
    • Published: Dec. 12, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-44970

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink When all the strides in a WQE have been consumed, the WQE is unlinked from the WQ linked list (mlx5_wq_ll_pop()). For SHAMPO, it is ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Oct. 03, 2024

  • 5.5

    MEDIUM
    CVE-2024-45012

    In the Linux kernel, the following vulnerability has been resolved: nouveau/firmware: use dma non-coherent allocator Currently, enabling SG_DEBUG in the kernel will cause nouveau to hit a BUG() on startup, when the iommu is enabled: kernel BUG at inclu... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2024
    • Modified: Sep. 13, 2024

  • 5.5

    MEDIUM
    CVE-2022-0562

    Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is a... Read more

    • EPSS Score: %0.06
    • Published: Feb. 11, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-26088

    A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.... Read more

    • EPSS Score: %0.01
    • Published: Sep. 24, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-58068

    In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth from the OPP table but the bandwidth table ... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 25, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2022-49848

    In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-combo: fix NULL-deref on runtime resume Commit fc64623637da ("phy: qcom-qmp-combo,usb: add support for separate PCS_USB region") started treating the PCS_USB registers as ... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2023-4134

    A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the system... Read more

    Affected Products : linux_kernel fedora
    • Published: Nov. 14, 2024
    • Modified: Nov. 18, 2024

  • 5.5

    MEDIUM
    CVE-2024-46719

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid. When CONFIG_TYPEC_DP_ALTMODE is not enabled, uc... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-46755

    In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() mwifiex_get_priv_by_id() returns the priv pointer corresponding to the bss_num and bss_type, but without checking if... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 26, 2024

  • 5.5

    MEDIUM
    CVE-2024-46799

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NULL dereference on XDP_TX If number of TX queues are set to 1 we get a NULL pointer dereference during XDP_TX. ~# ethtool -L eth0 tx 1 ~# ./xdp-traff... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-46808

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add missing NULL pointer check within dpcd_extend_address_range [Why & How] ASSERT if return NULL from kcalloc.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Oct. 02, 2024

  • 5.5

    MEDIUM
    CVE-2024-46846

    In the Linux kernel, the following vulnerability has been resolved: spi: rockchip: Resolve unbalanced runtime PM / system PM handling Commit e882575efc77 ("spi: rockchip: Suspend and resume the bus during NOIRQ_SYSTEM_SLEEP_PM ops") stopped respecting r... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Oct. 08, 2024

  • 5.5

    MEDIUM
    CVE-2009-3621

    net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a ser... Read more

    • EPSS Score: %0.04
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2023-37454

    An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udf_put_super and udf_close_lvid functions in fs/udf/super.c. NOTE: the suse.com reference has a different perspective... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Jul. 06, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-0975

    An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerabilit... Read more

    • EPSS Score: %2.23
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-24758

    libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.... Read more

    Affected Products : debian_linux libde265
    • EPSS Score: %0.02
    • Published: Mar. 01, 2023
    • Modified: Mar. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-47704

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_res->hpo_dp_link_enc before using it [WHAT & HOW] Functions dp_enable_link_phy and dp_disable_link_phy can pass link_res without initializing hpo_dp_link_enc... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 5.5

    MEDIUM
    CVE-2024-45778

    A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.... Read more

    Affected Products : grub2
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Denial of Service
Showing 20 of 291305 Results