Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-26948

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add a dc_state NULL check in dc_state_release [How] Check wheather state is NULL before releasing it.... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2019-10618

    Driver may access an invalid address while processing IO control due to lack of check of address validation in Snapdragon Connectivity in QCA6390... Read more

    Affected Products : qca6390_firmware qca6390
    • Published: Dec. 12, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-26938

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() If we have no VBT, or the VBT didn't declare the encoder in question, we won't have the 'devdata' for... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2020-28928

    In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).... Read more

    Affected Products : fedora debian_linux musl graalvm
    • Published: Nov. 24, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52647

    In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access When translating source to sink streams in the crossbar subdev, the driver tries to locate the remote subdev c... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2019-10649

    In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.... Read more

    Affected Products : ubuntu_linux debian_linux imagemagick
    • Published: Mar. 30, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48665

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix overflow for large capacity partition Using int type for sector index, there will be overflow in a large capacity partition. For example, if storage with sector size of 512 ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 28, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2022-48653

    In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux on peer initiated reset In the IDC callback that is accessed when the aux drivers request a reset, the function to unplug the aux devices is called. This f... Read more

    Affected Products : linux_kernel
    • Published: Apr. 28, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2022-48652

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix crash by keep old cfg when update TCs more than queues There are problems if allocated queues less than Traffic Classes. Commit a632b2a4c920 ("ice: ethtool: Prohibit improper ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 28, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2022-48645

    In the Linux kernel, the following vulnerability has been resolved: net: enetc: deny offload of tc-based TSN features on VF interfaces TSN features on the ENETC (taprio, cbs, gate, police) are configured through a mix of command BD ring messages and por... Read more

    Affected Products : linux_kernel
    • Published: Apr. 28, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2022-48644

    In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: avoid disabling offload when it was never enabled In an incredibly strange API design decision, qdisc->destroy() gets called even if qdisc->init() never succeeded, no... Read more

    Affected Products : linux_kernel
    • Published: Apr. 28, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2022-48643

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain() syzbot is reporting underflow of nft_counters_enabled counter at nf_tables_addchain() [1], for commit 43... Read more

    Affected Products : linux_kernel
    • Published: Apr. 28, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2013-3242

    plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not properly handle an object obtained by unserializing a cookie, which allows remote authenticated users to conduct PHP object injection attacks and cause a d... Read more

    Affected Products : joomla\!
    • Published: May. 03, 2013
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2019-10535

    Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapd... Read more

    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-48640

    In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bond_rr_gen_slave_id Fix a NULL dereference of the struct bonding.rr_tx_counter member because if a bond is initially created with an initial mode != zero (Ro... Read more

    Affected Products : linux_kernel
    • Published: Apr. 28, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2019-10430

    Jenkins NeuVector Vulnerability Scanner Plugin 1.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.... Read more

    Affected Products : neuvector_vulnerability_scanner
    • Published: Sep. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-10420

    Jenkins Assembla Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.... Read more

    Affected Products : assembla
    • Published: Sep. 25, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-10398

    Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.... Read more

    Affected Products : beaker_builder
    • Published: Sep. 12, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-10364

    Jenkins Amazon EC2 Plugin 1.43 and earlier wrote the beginning of private keys to the Jenkins system log.... Read more

    Affected Products : amazon_ec2 ec2
    • Published: Jul. 31, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2019-10424

    Jenkins elOyente Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.... Read more

    Affected Products : eloyente
    • Published: Sep. 25, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 294695 Results