Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-26811

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate payload size in ipc response If installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc response to ksmbd kernel server. ksmbd should validate payload size... Read more

    Affected Products : linux_kernel
    • Published: Apr. 08, 2024
    • Modified: Mar. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-26761

    In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window The Linux CXL subsystem is built on the assumption that HPA == SPA. That is, the host physical address (HP... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Mar. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-26775

    In the Linux kernel, the following vulnerability has been resolved: aoe: avoid potential deadlock at set_capacity Move set_capacity() outside of the section procected by (&d->lock). To avoid possible interrupt unsafe locking scenario: CPU0 ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Jul. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-26771

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Add some null pointer checks to the edma_probe devm_kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocat... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 03, 2024
    • Modified: Jan. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-26767

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed integer types and null check locations [why]: issues fixed: - comparison with wider integer type in loop condition which can cause infinite loops - pointer derefe... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Mar. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-26802

    In the Linux kernel, the following vulnerability has been resolved: stmmac: Clear variable when destroying workqueue Currently when suspending driver and stopping workqueue it is checked whether workqueue is not NULL and if so, it is destroyed. Function... Read more

    Affected Products : linux_kernel
    • Published: Apr. 04, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26766

    In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `descs` array to overflow. This reults in further crashes... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 03, 2024
    • Modified: Feb. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-26762

    In the Linux kernel, the following vulnerability has been resolved: cxl/pci: Skip to handle RAS errors if CXL.mem device is detached The PCI AER model is an awkward fit for CXL error handling. While the expectation is that a PCI device can escalate to l... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Mar. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-26759

    In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B).... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Apr. 16, 2025

  • 5.5

    MEDIUM
    CVE-2024-26756

    In the Linux kernel, the following vulnerability has been resolved: md: Don't register sync_thread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register sync_thread directly from pers->run(), in this case 'MD... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Mar. 17, 2025

  • 5.5

    MEDIUM
    CVE-2022-24191

    In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow.... Read more

    Affected Products : fedora htmldoc
    • Published: Apr. 04, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2014-0372

    Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown v... Read more

    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2024-26758

    In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in md_check_recovery() mddev_suspend() never stop sync_thread, hence it doesn't make sense to ignore suspended array in md_check_recovery(), which might... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Apr. 04, 2025

  • 5.5

    MEDIUM
    CVE-2021-37600

    An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library env... Read more

    • Published: Jul. 30, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26743

    In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix qedr_create_user_qp error flow Avoid the following warning by making sure to free the allocated resources in case that qedr_init_user_queue() fail. -----------[ cut here... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 03, 2024
    • Modified: Mar. 17, 2025

  • 5.5

    MEDIUM
    CVE-2021-37622

    Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2 versions v0.27.4 and earlier. The infinite loop is triggered when Exiv2 is used to modify the me... Read more

    Affected Products : fedora debian_linux exiv2
    • Published: Aug. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26732

    In the Linux kernel, the following vulnerability has been resolved: net: implement lockless setsockopt(SO_PEEK_OFF) syzbot reported a lockdep violation [1] involving af_unix support of SO_PEEK_OFF. Since SO_PEEK_OFF is inherently not thread safe (it us... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Feb. 03, 2025

  • 5.5

    MEDIUM
    CVE-2024-26750

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Drop oob_skb ref before purging queue in GC. syzbot reported another task hung in __unix_gc(). [0] The current while loop assumes that all of the left candidates have oob_skb... Read more

    Affected Products : linux_kernel
    • Published: Apr. 04, 2024
    • Modified: Mar. 18, 2025

  • 5.5

    MEDIUM
    CVE-2014-0367

    Unspecified vulnerability in the Hyperion Essbase Administration Services component in Oracle Hyperion 11.1.2.1, 11.1.2.2, and 11.1.2.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Admin Console.... Read more

    Affected Products : hyperion
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2024-26744

    In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Support specifying the srpt_service_guid parameter Make loading ib_srpt with this parameter set work. The current behavior is that setting that parameter while loading the ib... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 03, 2024
    • Modified: May. 02, 2025
Showing 20 of 293261 Results