Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-26807

    In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi = dev_get_drvdata(dev); struct spi_controller *host = dev_get_drvdat... Read more

    Affected Products : linux_kernel
    • Published: Apr. 04, 2024
    • Modified: May. 22, 2025

  • 5.5

    MEDIUM
    CVE-2024-26808

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a st... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 04, 2024
    • Modified: Apr. 04, 2025

  • 5.5

    MEDIUM
    CVE-2024-26806

    In the Linux kernel, the following vulnerability has been resolved: spi: cadence-qspi: remove system-wide suspend helper calls from runtime PM hooks The ->runtime_suspend() and ->runtime_resume() callbacks are not expected to call spi_controller_suspend... Read more

    Affected Products : linux_kernel
    • Published: Apr. 04, 2024
    • Modified: Mar. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-26801

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Avoid potential use-after-free in hci_error_reset While handling the HCI_EV_HARDWARE_ERROR event, if the underlying BT controller is not responding, the GPIO reset mechanism ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 04, 2024
    • Modified: Dec. 20, 2024

  • 5.5

    MEDIUM
    CVE-2021-29338

    Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.... Read more

    Affected Products : fedora openjpeg debian_linux
    • Published: Apr. 14, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26790

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read There is chip (ls1028a) errata: The SoC may hang on 16 byte unaligned read transactions by QDMA. Unaligned read transac... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 04, 2024
    • Modified: Feb. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-26860

    In the Linux kernel, the following vulnerability has been resolved: dm-integrity: fix a memory leak when rechecking the data Memory for the "checksums" pointer will leak if the data is rechecked after checksum failure (because the associated kfree won't... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Jan. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-26785

    In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix protection fault in iommufd_test_syz_conv_iova Syzkaller reported the following bug: general protection fault, probably for non-canonical address 0xdffffc0000000038: 000... Read more

    Affected Products : linux_kernel
    • Published: Apr. 04, 2024
    • Modified: Apr. 04, 2025

  • 5.5

    MEDIUM
    CVE-2022-22600

    The issue was addressed with improved permissions logic. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to bypass certain Privacy preferences.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26787

    In the Linux kernel, the following vulnerability has been resolved: mmc: mmci: stm32: fix DMA API overlapping mappings warning Turning on CONFIG_DMA_API_DEBUG_SG results in the following warning: DMA-API: mmci-pl18x 48220000.mmc: cacheline tracking EEX... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 04, 2024
    • Modified: Mar. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-26788

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: init irq after reg initialization Initialize the qDMA irqs after the registers are configured so that interrupts that may have been pending from a primary kernel do... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 04, 2024
    • Modified: Apr. 01, 2025

  • 5.5

    MEDIUM
    CVE-2024-26773

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() Determine if the group block bitmap is corrupted before using ac_b_ex in ext4_mb_try_best_found() to avoid... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 03, 2024
    • Modified: Mar. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-26780

    In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix task hung while purging oob_skb in GC. syzbot reported a task hung; at the same time, GC was looping infinitely in list_for_each_entry_safe() for OOB skb. [0] syzbot demo... Read more

    Affected Products : linux_kernel
    • Published: Apr. 04, 2024
    • Modified: Mar. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-26778

    In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl() interface. If the driver doesn't check the value of pixclock, ... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 03, 2024
    • Modified: Feb. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-26770

    In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Add missing null pointer checks to LED initialization devm_kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the a... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Jan. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-26776

    In the Linux kernel, the following vulnerability has been resolved: spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected Return IRQ_NONE from the interrupt handler when no interrupt was detected. Because an empty interrupt will cause a nul... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 03, 2024
    • Modified: Feb. 27, 2025

  • 5.5

    MEDIUM
    CVE-2024-26803

    In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIF_F_GRO automatically when XDP is enabled, because both features use the same NAPI machinery. The logic to clear NET... Read more

    Affected Products : linux_kernel
    • Published: Apr. 04, 2024
    • Modified: Apr. 01, 2025

  • 5.5

    MEDIUM
    CVE-2024-26765

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: Disable IRQ before init_fn() for nonboot CPUs Disable IRQ before init_fn() for nonboot CPUs when hotplug, in order to silence such warnings (and also avoid potential errors d... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Mar. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-26839

    In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in init_credit_return When dma_alloc_coherent fails to allocate dd->cr_base[i].va, init_credit_return should deallocate dd->cr_base and dd->cr_base[i] that alloca... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 17, 2024
    • Modified: Jan. 14, 2025

  • 5.5

    MEDIUM
    CVE-2024-26811

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate payload size in ipc response If installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc response to ksmbd kernel server. ksmbd should validate payload size... Read more

    Affected Products : linux_kernel
    • Published: Apr. 08, 2024
    • Modified: Mar. 27, 2025
Showing 20 of 293289 Results