Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-38539

    In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak d... Read more

    Affected Products : linux_kernel
    • Published: Jun. 19, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-38390

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails Calling a6xx_destroy() before adreno_gpu_init() leads to a null pointer dereference on: msm_gpu_cleanup() : platfo... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-3838

    Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium)... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 17, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36969

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation of the number of slices will cause a division by zero d... Read more

    Affected Products : linux_kernel
    • Published: Jun. 08, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36965

    In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both... Read more

    Affected Products : linux_kernel
    • Published: Jun. 08, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36959

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps(... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Jan. 14, 2025

  • 5.5

    MEDIUM
    CVE-2014-0678

    The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951.... Read more

    Affected Products : secure_access_control_system
    • EPSS Score: %0.38
    • Published: Jan. 25, 2014
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2024-36944

    In the Linux kernel, the following vulnerability has been resolved: Reapply "drm/qxl: simplify qxl_fence_wait" This reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea. Stephen Rostedt reports: "I went to run my tests on my VMs and the tests hung ... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Apr. 01, 2025

  • 5.5

    MEDIUM
    CVE-2024-36941

    In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: don't free NULL coalescing rule If the parsing fails, we can dereference a NULL pointer here.... Read more

    Affected Products : linux_kernel debian_linux
    • Published: May. 30, 2024
    • Modified: May. 20, 2025

  • 5.5

    MEDIUM
    CVE-2024-36938

    In the Linux kernel, the following vulnerability has been resolved: bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue Fix NULL pointer data-races in sk_psock_skb_ingress_enqueue() which syzbot reported [1]. [1] BUG: KCSAN: data-r... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36930

    In the Linux kernel, the following vulnerability has been resolved: spi: fix null pointer dereference within spi_sync If spi_sync() is called with the non-empty queue and the same spi_message is then reused, the complete callback for the message remains... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36925

    In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool list_head when SWIOTLB_DYNAMIC=y Using restricted DMA pools (CONFIG_DMA_RESTRICTED_POOL=y) in conjunction with dynamic SWIOTLB (CONFIG_SWIOTLB_DYNAMI... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36924

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() lpfc_worker_wake_up() calls the lpfc_work_done() routine, which takes the hbalock. Thus, lpfc_worker_wake_up() should n... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Jan. 10, 2025

  • 5.5

    MEDIUM
    CVE-2024-36923

    In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix uninitialized values during inode evict If an iget fails due to not being able to retrieve information from the server then the inode structure is only partially initialized.... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Mar. 06, 2025

  • 5.5

    MEDIUM
    CVE-2024-36903

    In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in __ip6_make_skb() As it was done in commit fc1092f51567 ("ipv4: Fix uninit-value access in __ip_make_skb()") for IPv4, check FLOWI_FLAG_KNOWN_N... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: May. 22, 2025

  • 5.5

    MEDIUM
    CVE-2024-36901

    In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a chance that ip6_dst_idev() returns NULL in ip6_output(). Most places in IPv6 stack deal with a NULL idev j... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36893

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typec_register_partner() does not guarantee partner registration to always succeed. In the event of failure, port->... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36891

    In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix mas_empty_area_rev() null pointer dereference Currently the code calls mas_start() followed by mas_data_end() if the maple state is MA_START, but mas_start() may return ... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36881

    In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: reset ptes when close() for wr-protected ones Userfaultfd unregister includes a step to remove wr-protect bits from all the relevant pgtable entries, but that only cover... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Apr. 01, 2025

  • 5.5

    MEDIUM
    CVE-2024-36288

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination condition in gss_free_in_token_pages() The in_token->pages[] array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-m... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Jun. 19, 2025
Showing 20 of 291741 Results