Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-0562

    Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is a... Read more

    • EPSS Score: %0.06
    • Published: Feb. 11, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-26088

    A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.... Read more

    • EPSS Score: %0.01
    • Published: Sep. 24, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-58068

    In the Linux kernel, the following vulnerability has been resolved: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized If a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth from the OPP table but the bandwidth table ... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 25, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2022-49848

    In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-combo: fix NULL-deref on runtime resume Commit fc64623637da ("phy: qcom-qmp-combo,usb: add support for separate PCS_USB region") started treating the PCS_USB registers as ... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2023-4134

    A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the system... Read more

    Affected Products : linux_kernel fedora
    • Published: Nov. 14, 2024
    • Modified: Nov. 18, 2024

  • 5.5

    MEDIUM
    CVE-2024-46719

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid. When CONFIG_TYPEC_DP_ALTMODE is not enabled, uc... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 20, 2024

  • 5.5

    MEDIUM
    CVE-2024-46755

    In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() mwifiex_get_priv_by_id() returns the priv pointer corresponding to the bss_num and bss_type, but without checking if... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 26, 2024

  • 5.5

    MEDIUM
    CVE-2024-46799

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NULL dereference on XDP_TX If number of TX queues are set to 1 we get a NULL pointer dereference during XDP_TX. ~# ethtool -L eth0 tx 1 ~# ./xdp-traff... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 23, 2024

  • 5.5

    MEDIUM
    CVE-2024-46808

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add missing NULL pointer check within dpcd_extend_address_range [Why & How] ASSERT if return NULL from kcalloc.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Oct. 02, 2024

  • 5.5

    MEDIUM
    CVE-2024-46846

    In the Linux kernel, the following vulnerability has been resolved: spi: rockchip: Resolve unbalanced runtime PM / system PM handling Commit e882575efc77 ("spi: rockchip: Suspend and resume the bus during NOIRQ_SYSTEM_SLEEP_PM ops") stopped respecting r... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Oct. 08, 2024

  • 5.5

    MEDIUM
    CVE-2009-3621

    net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a ser... Read more

    • EPSS Score: %0.04
    • Published: Oct. 22, 2009
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2023-37454

    An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udf_put_super and udf_close_lvid functions in fs/udf/super.c. NOTE: the suse.com reference has a different perspective... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.01
    • Published: Jul. 06, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-0975

    An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerabilit... Read more

    • EPSS Score: %2.23
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-24758

    libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.... Read more

    Affected Products : debian_linux libde265
    • EPSS Score: %0.02
    • Published: Mar. 01, 2023
    • Modified: Mar. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-47704

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_res->hpo_dp_link_enc before using it [WHAT & HOW] Functions dp_enable_link_phy and dp_disable_link_phy can pass link_res without initializing hpo_dp_link_enc... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 5.5

    MEDIUM
    CVE-2024-45778

    A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.... Read more

    Affected Products : grub2
    • Published: Mar. 03, 2025
    • Modified: Mar. 03, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2024-4840

    An flaw was found in the OpenStack Platform (RHOSP) director, a toolset for installing and managing a complete RHOSP environment. Plaintext passwords may be stored in log files, which can expose sensitive information to anyone with access to the logs.... Read more

    Affected Products : glance-store
    • Published: May. 14, 2024
    • Modified: Nov. 25, 2024

  • 5.5

    MEDIUM
    CVE-2018-1000040

    In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.... Read more

    Affected Products : debian_linux mupdf
    • EPSS Score: %0.26
    • Published: May. 24, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-44995

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, the flow is as below: pf re... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2024
    • Modified: Sep. 15, 2024

  • 5.5

    MEDIUM
    CVE-2023-42932

    A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • EPSS Score: %0.02
    • Published: Dec. 12, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 291360 Results