Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-32883

    A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os watchos ipados
    • Published: Sep. 20, 2022
    • Modified: May. 29, 2025

  • 5.5

    MEDIUM
    CVE-2024-26640

    In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity checks to rx zerocopy TCP rx zerocopy intent is to map pages initially allocated from NIC drivers, not pages owned by a fs. This patch adds to can_map_frag() these addi... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Mar. 18, 2024
    • Modified: Mar. 10, 2025

  • 5.5

    MEDIUM
    CVE-2024-26636

    In the Linux kernel, the following vulnerability has been resolved: llc: make llc_ui_sendmsg() more robust against bonding changes syzbot was able to trick llc_ui_sendmsg(), allocating an skb with no headroom, but subsequently trying to push 14 bytes of... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Mar. 18, 2024
    • Modified: Mar. 10, 2025

  • 5.5

    MEDIUM
    CVE-2024-26632

    In the Linux kernel, the following vulnerability has been resolved: block: Fix iterating over an empty bio with bio_for_each_folio_all If the bio contains no data, bio_first_folio() calls page_folio() on a NULL pointer and oopses. Move the test that we... Read more

    Affected Products : linux_kernel
    • Published: Mar. 18, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26634

    In the Linux kernel, the following vulnerability has been resolved: net: fix removing a namespace with conflicting altnames Mark reports a BUG() when a net namespace is removed. kernel BUG at net/core/dev.c:11520! Physical interfaces moved outside... Read more

    Affected Products : linux_kernel
    • Published: Mar. 18, 2024
    • Modified: Mar. 10, 2025

  • 5.5

    MEDIUM
    CVE-2024-26667

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup The commit 8b45a26f2ba9 ("drm/msm/dpu: reserve cdm blocks for writeback in case of YUV output") introduced a smatch... Read more

    Affected Products : linux_kernel
    • Published: Apr. 02, 2024
    • Modified: Mar. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-26644

    In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Mar. 26, 2024
    • Modified: Jul. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-26633

    In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() syzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken. Reading frag_off can only be done if we pulled... Read more

    • Published: Mar. 18, 2024
    • Modified: Apr. 04, 2025

  • 5.5

    MEDIUM
    CVE-2024-26629

    In the Linux kernel, the following vulnerability has been resolved: nfsd: fix RELEASE_LOCKOWNER The test on so_count in nfsd4_release_lockowner() is nonsense and harmful. Revert to using check_for_locks(), changing that to not sleep. First: harmful. A... Read more

    Affected Products : linux_kernel
    • Published: Mar. 13, 2024
    • Modified: Feb. 27, 2025

  • 5.5

    MEDIUM
    CVE-2014-0068

    It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission.... Read more

    • Published: Jun. 30, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-35018

    Advancecomp v2.3 was discovered to contain a segmentation fault.... Read more

    Affected Products : fedora advancecomp
    • Published: Aug. 29, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2020-27925

    An issue existed in the handling of incoming calls. The issue was addressed with additional state checks. This issue is fixed in iOS 14.2 and iPadOS 14.2. A user may answer two calls simultaneously without indication they have answered a second call.... Read more

    Affected Products : iphone_os ipados
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26627

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler Inside scsi_eh_wakeup(), scsi_host_busy() is called & checked with host lock every time for deciding if error... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2024
    • Modified: Mar. 14, 2025

  • 5.5

    MEDIUM
    CVE-2014-0077

    drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privile... Read more

    Affected Products : linux_kernel
    • Published: Apr. 14, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2014-0055

    The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause a de... Read more

    Affected Products : enterprise_linux
    • Published: Mar. 26, 2014
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2024-26626

    In the Linux kernel, the following vulnerability has been resolved: ipmr: fix kernel panic when forwarding mcast packets The stacktrace was: [ 86.305548] BUG: kernel NULL pointer dereference, address: 0000000000000092 [ 86.306815] #PF: supervisor re... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2024
    • Modified: Dec. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-26611

    In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpf_xdp_adjust_tail() and memory type is set to MEM_TYPE_XSK_BUFF_POOL, null ptr dereference ha... Read more

    Affected Products : linux_kernel
    • Published: Mar. 11, 2024
    • Modified: Dec. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-26615

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmb_desc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smc_run... Read more

    Affected Products : linux_kernel
    • Published: Mar. 11, 2024
    • Modified: Dec. 12, 2024

  • 5.5

    MEDIUM
    CVE-2024-26612

    In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: Prevent Oops in fscache_put_cache() This function dereferences "cache" and then checks if it's IS_ERR_OR_NULL(). Check first, then dereference.... Read more

    Affected Products : linux_kernel
    • Published: Mar. 11, 2024
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2014-0009

    course/loginas.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 does not enforce the moodle/site:accessallgroups capability requirement for outside-group users in a SEPARATEGROUPS configurat... Read more

    Affected Products : moodle
    • Published: Jan. 20, 2014
    • Modified: Apr. 11, 2025
Showing 20 of 293308 Results