Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-52860

    In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process When tearing down a 'hisi_hns3' PMU, we mistakenly run the CPU hotplug callbacks after the... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Feb. 03, 2025

  • 5.5

    MEDIUM
    CVE-2023-52855

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In _dwc2_hcd_urb_enqueue(), "urb->hcpriv = NULL" is executed without holding the lock "hsotg->lock". In _dw... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Apr. 02, 2025

  • 5.5

    MEDIUM
    CVE-2025-42947

    SAP FICA ODN framework allows a high privileged user to inject value inside the local variable which can then be executed by the application. An attacker could thereby control the behaviour of the application causing high impact on integrity, low impact o... Read more

    Affected Products :
    • Published: Jul. 23, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2019-19260

    GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2).... Read more

    Affected Products : gitlab
    • Published: Jan. 03, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-41750

    IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local, authenticated attacker to bypass client-side enforcement of security to manipulate data.... Read more

    Affected Products : smartcloud_analytics_log_analysis
    • Published: Jul. 23, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2024-41751

    IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local, authenticated attacker to bypass client-side enforcement of security to manipulate data.... Read more

    Affected Products : smartcloud_analytics_log_analysis
    • Published: Jul. 23, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2023-52865

    In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference.... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Jan. 14, 2025

  • 5.5

    MEDIUM
    CVE-2023-52856

    In the Linux kernel, the following vulnerability has been resolved: drm/bridge: lt8912b: Fix crash on bridge detach The lt8912b driver, in its bridge detach function, calls drm_connector_unregister() and drm_connector_cleanup(). drm_connector_unregiste... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Jan. 31, 2025

  • 5.5

    MEDIUM
    CVE-2008-0403

    The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does not require authentication for SaveCfgFile.cgi, which allows remote attackers to read and modify configuration via a direct request to SaveCfgFile.cgi.... Read more

    Affected Products : f5d9230-4
    • Published: Jan. 23, 2008
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2022-48965

    In the Linux kernel, the following vulnerability has been resolved: gpio/rockchip: fix refcount leak in rockchip_gpiolib_register() The node returned by of_get_parent() with refcount incremented, of_node_put() needs be called when finish using it. So ad... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 25, 2024

  • 5.5

    MEDIUM
    CVE-2023-52845

    In the Linux kernel, the following vulnerability has been resolved: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING syzbot reported the following uninit-value access issue [1]: ===================================================== BU... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Jan. 31, 2025

  • 5.5

    MEDIUM
    CVE-2019-3573

    In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file fromsixel.c, as demonstrated by sixel2png.... Read more

    Affected Products : libsixel
    • Published: Jan. 02, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52841

    In the Linux kernel, the following vulnerability has been resolved: media: vidtv: mux: Add check and kfree for kstrdup Add check for the return value of kstrdup() and return the error if it fails in order to avoid NULL pointer dereference. Moreover, use... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Dec. 31, 2024

  • 5.5

    MEDIUM
    CVE-2018-6536

    An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates an icinga2.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for icinga... Read more

    Affected Products : icinga
    • Published: Feb. 02, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-19889

    An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the ... Read more

    Affected Products : freeware_advanced_audio_coder
    • Published: Dec. 06, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52849

    In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix shutdown order Ira reports that removing cxl_mock_mem causes a crash with the following trace: BUG: kernel NULL pointer dereference, address: 0000000000000044 [..] RIP:... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Dec. 30, 2024

  • 5.5

    MEDIUM
    CVE-2018-19761

    There is an illegal address access at fromsixel.c (function: sixel_decode_raw_impl) in libsixel 1.8.2 that will cause a denial of service.... Read more

    Affected Products : libsixel
    • Published: Nov. 30, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52894

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() In Google internal bug 265639009 we've received an (as yet) unreproducible crash report from an aarch64 GKI 5.10.149-an... Read more

    Affected Products : linux_kernel
    • Published: Aug. 21, 2024
    • Modified: Sep. 11, 2024

  • 5.5

    MEDIUM
    CVE-2023-52826

    In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference In tpg110_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointe... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Dec. 30, 2024

  • 5.5

    MEDIUM
    CVE-2017-9130

    The faacEncOpen function in libfaac/frame.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file.... Read more

    Affected Products : freeware_advanced_audio_coder
    • Published: Jun. 21, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292795 Results