Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-52564

    In the Linux kernel, the following vulnerability has been resolved: Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux" This reverts commit 9b9c8195f3f0d74a826077fc1c01b9ee74907239. The commit above is reverted as it did not solve the original issue. gsm_... Read more

    Affected Products : linux_kernel
    • Published: Mar. 02, 2024
    • Modified: Jan. 07, 2025

  • 5.5

    MEDIUM
    CVE-2023-52527

    In the Linux kernel, the following vulnerability has been resolved: ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() Including the transhdrlen in length is a problem when the packet is partially filled (e.g. something like send(MSG_MORE... Read more

    Affected Products : linux_kernel
    • Published: Mar. 02, 2024
    • Modified: Jan. 13, 2025

  • 5.5

    MEDIUM
    CVE-2023-52520

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix reference leak If a duplicate attribute is found using kset_find_obj(), a reference to that attribute is returned which needs to be disposed accordingly usi... Read more

    Affected Products : linux_kernel
    • Published: Mar. 02, 2024
    • Modified: Dec. 11, 2024

  • 5.5

    MEDIUM
    CVE-2023-52516

    In the Linux kernel, the following vulnerability has been resolved: dma-debug: don't call __dma_entry_alloc_check_leak() under free_entries_lock __dma_entry_alloc_check_leak() calls into printk -> serial console output (qcom geni) and grabs port->lock u... Read more

    Affected Products : linux_kernel
    • Published: Mar. 02, 2024
    • Modified: Dec. 11, 2024

  • 5.5

    MEDIUM
    CVE-2023-52500

    In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command Tags allocated for OPC_INB_SET_CONTROLLER_CONFIG command need to be freed when we receive the resp... Read more

    Affected Products : linux_kernel
    • Published: Mar. 02, 2024
    • Modified: Jan. 13, 2025

  • 5.5

    MEDIUM
    CVE-2023-52488

    In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO The SC16IS7XX IC supports a burst mode to access the FIFOs where the initial register address is sent ($00), f... Read more

    Affected Products : linux_kernel
    • Published: Mar. 11, 2024
    • Modified: Feb. 14, 2025

  • 5.5

    MEDIUM
    CVE-2023-52486

    In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a deadlock after the fb lookup in drm_mode_page_flip_ioctl() we proceed to unref the fb and then re... Read more

    Affected Products : linux_kernel
    • Published: Mar. 11, 2024
    • Modified: Jan. 14, 2025

  • 5.5

    MEDIUM
    CVE-2023-52484

    In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range When running an SVA case, the following soft lockup is triggered: ------------------------------------------... Read more

    Affected Products : linux_kernel
    • Published: Feb. 29, 2024
    • Modified: Dec. 10, 2024

  • 5.5

    MEDIUM
    CVE-2023-52471

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix some null pointer dereference issues in ice_ptp.c devm_kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52467

    In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52454

    In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec(). ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 23, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-29029

    A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vuln... Read more

    Affected Products : jt2go teamcenter_visualization
    • EPSS Score: %0.28
    • Published: May. 20, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-2306

    Unspecified vulnerability in Oracle Linux 4 and 5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to "Oracle validated."... Read more

    Affected Products : linux
    • EPSS Score: %0.21
    • Published: Oct. 18, 2011
    • Modified: Apr. 11, 2025

  • 5.5

    MEDIUM
    CVE-2023-52429

    dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.... Read more

    Affected Products : linux_kernel fedora
    • EPSS Score: %0.02
    • Published: Feb. 12, 2024
    • Modified: Mar. 25, 2025

  • 5.5

    MEDIUM
    CVE-2023-51384

    In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS... Read more

    Affected Products : debian_linux openssh
    • EPSS Score: %0.05
    • Published: Dec. 18, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-49994

    Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception via the function PeaksToHarmspect at wavegen.c.... Read more

    Affected Products : espeak-ng
    • EPSS Score: %0.05
    • Published: Dec. 12, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-31651

    In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a.... Read more

    Affected Products : sound_exchange sox
    • EPSS Score: %0.07
    • Published: May. 25, 2022
    • Modified: Jun. 27, 2025

  • 5.5

    MEDIUM
    CVE-2023-46246

    Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1... Read more

    Affected Products : vim
    • EPSS Score: %0.01
    • Published: Oct. 27, 2023
    • Modified: Feb. 13, 2025

  • 5.5

    MEDIUM
    CVE-2011-1490

    A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the ... Read more

    Affected Products : debian_linux rsyslog opensuse
    • EPSS Score: %0.15
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2011-1488

    A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a... Read more

    Affected Products : debian_linux rsyslog opensuse
    • EPSS Score: %0.15
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291736 Results