Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-49906

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointer before try to access it [why & how] Change the order of the pipe_ctx->plane_state check to ensure that plane_state is not null before accessing it.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Dec. 09, 2024

  • 5.5

    MEDIUM
    CVE-2024-50170

    In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix potential memory leak in bcmasp_xmit() The bcmasp_xmit() returns NETDEV_TX_OK without freeing skb in case of mapping fails, add dev_kfree_skb() to fix it.... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: Nov. 13, 2024

  • 5.5

    MEDIUM
    CVE-2023-52782

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Track xmit submission to PTP WQ after populating metadata map Ensure the skb is available in metadata mapping to skbs before tracking the metadata index for detecting undeliv... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Jan. 31, 2025

  • 5.5

    MEDIUM
    CVE-2024-53070

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then during system suspend we cannot access the device registe... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 25, 2024

  • 5.5

    MEDIUM
    CVE-2024-26851

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: Add protection for bmp length out of range UBSAN load reports an exception of BRK#5515 SHIFT_ISSUE:Bitwise shifts that are out of bounds for their data typ... Read more

    Affected Products : linux_kernel debian_linux
    • Published: Apr. 17, 2024
    • Modified: Apr. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-54500

    The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. Processing a maliciously crafted image may ... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Dec. 12, 2024
    • Modified: Dec. 20, 2024

  • 5.5

    MEDIUM
    CVE-2022-40896

    A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer.... Read more

    Affected Products : pygments
    • Published: Jul. 19, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-34675

    NVIDIA Display Driver for Linux contains a vulnerability in the Virtual GPU Manager, where it does not check the return value from a null-pointer dereference, which may lead to denial of service.... Read more

    • Published: Dec. 30, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-34679

    NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unhandled return value can lead to a null-pointer dereference, which may lead to denial of service.... Read more

    • Published: Dec. 30, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2010-2538

    Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.... Read more

    • Published: Sep. 30, 2010
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2024-56744

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock in f2fs_record_stop_reason() syzbot reports deadlock issue of f2fs as below: ====================================================== WARNING: possi... Read more

    Affected Products : linux_kernel
    • Published: Dec. 29, 2024
    • Modified: Apr. 16, 2025

  • 5.5

    MEDIUM
    CVE-2010-2496

    stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its operations. This is fixed in cluster-glue 1.0.6 and newer... Read more

    Affected Products : pacemaker cluster_glue
    • Published: Oct. 18, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-35920

    In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_dec_ipi_handler' function when the ct... Read more

    Affected Products : linux_kernel
    • Published: May. 19, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36932

    In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal Since thermal_debug_cdev_remove() does not run under cdev->lock, it can run in parallel with thermal_debug_cdev... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2010-2402

    Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.27 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.... Read more

    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2010-2401

    Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile Mgr component in Oracle PeopleSoft and JDEdwards Suite HCM 9.0 Bundle #9 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.... Read more

    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2024-56575

    In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Ensure power suppliers be suspended before detach them The power suppliers are always requested to suspend asynchronously, dev_pm_domain_detach() requires the caller to... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 31, 2025

  • 5.5

    MEDIUM
    CVE-2010-2412

    Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.... Read more

    Affected Products : database_server
    • Published: Oct. 14, 2010
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2020-14651

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pr... Read more

    • Published: Jul. 15, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-8844

    PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    Affected Products : pdf-xchange_editor pdf-tools
    • Published: Nov. 22, 2024
    • Modified: Dec. 04, 2024
Showing 20 of 292847 Results