Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-26896

    In the Linux kernel, the following vulnerability has been resolved: wifi: wfx: fix memory leak when starting AP Kmemleak reported this error: unreferenced object 0xd73d1180 (size 184): comm "wpa_supplicant", pid 1559, jiffies 13006305 (age 96... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Mar. 21, 2025

  • 5.5

    MEDIUM
    CVE-2021-28689

    x86: Speculative vulnerabilities with bare (non-shim) 32-bit PV guests 32-bit x86 PV guest kernels run in ring 1. At the time when Xen was developed, this area of the i386 architecture was rarely used, which is why Xen was able to use it to implement para... Read more

    Affected Products : xen
    • Published: Jun. 11, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26901

    In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in do_sys_name_to_handle() and issued the following report [1]. ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26891

    In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected For those endpoint devices connect to system via hotplug capable ports, users could request a hot reset to t... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: May. 07, 2025

  • 5.5

    MEDIUM
    CVE-2021-29463

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to wri... Read more

    Affected Products : fedora exiv2
    • Published: Apr. 30, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26879

    In the Linux kernel, the following vulnerability has been resolved: clk: meson: Add missing clocks to axg_clk_regmaps Some clocks were missing from axg_clk_regmaps, which caused kernel panic during cat /sys/kernel/debug/clk/clk_summary [ 57.349402] U... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Jan. 27, 2025

  • 5.5

    MEDIUM
    CVE-2018-3837

    An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted PCX image can cause an out-of-bounds read on the heap, resulting in information disclosur... Read more

    • Published: Apr. 10, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26881

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when 1588 is received on HIP08 devices The HIP08 devices does not register the ptp devices, so the hdev->ptp is NULL, but the hardware can receive 1588 messa... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-30471

    A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow.... Read more

    Affected Products : enterprise_linux fedora podofo
    • Published: May. 26, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26866

    In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe() fsl_lpspi_probe() is allocating/disposing memory manually with spi_alloc_host()/spi_alloc_target(), but uses devm_spi_register_cont... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Jan. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-26900

    In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev->serial If kobject_add() is fail in bind_rdev_to_array(), 'rdev->serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a35000... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26876

    In the Linux kernel, the following vulnerability has been resolved: drm/bridge: adv7511: fix crash on irq during probe Moved IRQ registration down to end of adv7511_probe(). If an IRQ already is pending during adv7511_probe (before adv7511_cec_init) th... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26873

    In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Fix a deadlock issue related to automatic dump If we issue a disabling PHY command, the device attached with it will go offline, if a 2 bit ECC error occurs at the same ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Jan. 10, 2025

  • 5.5

    MEDIUM
    CVE-2024-26849

    In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nla_validate_range_unsigned lib/nlattr.c:222 [inline] BUG: KMSAN: uninit-value in nla_validate_int_range lib/n... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Feb. 03, 2025

  • 5.5

    MEDIUM
    CVE-2014-0642

    EMC Documentum Content Server before 6.7 SP1 P26, 6.7 SP2 before P13, 7.0 before P13, and 7.1 before P02 allows remote authenticated users to bypass intended access restrictions and read metadata from certain folders via unspecified vectors.... Read more

    Affected Products : documentum_content_server
    • Published: Apr. 15, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2024-26857

    In the Linux kernel, the following vulnerability has been resolved: geneve: make sure to pull inner header in geneve_rx() syzbot triggered a bug in geneve_rx() [1] Issue is similar to the one I fixed in commit 8d975c15c0cd ("ip6_tunnel: make sure to pu... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 17, 2024
    • Modified: Mar. 21, 2025

  • 5.5

    MEDIUM
    CVE-2024-26841

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: Update cpu_sibling_map when disabling nonboot CPUs Update cpu_sibling_map when disabling nonboot CPUs by defining & calling clear_cpu_sibling_map(), otherwise we get such err... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Apr. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-26835

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the hooks. During memory pressure hook registration can fai... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 17, 2024
    • Modified: Apr. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-26840

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ==========================================================... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Jan. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-26834

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_flow_offload: release dst in case direct xmit path is used Direct xmit does not use it since it calls dev_queue_xmit() to send packets, hence it calls dst_release(). kme... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Apr. 02, 2025
Showing 20 of 293304 Results