Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2018-18407

    A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service.... Read more

    Affected Products : fedora tcpreplay tcpreplay
    • Published: Oct. 17, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-18484

    An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus... Read more

    Affected Products : binutils
    • Published: Oct. 18, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-18457

    The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm.... Read more

    Affected Products : xpdf
    • Published: Oct. 18, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-18409

    A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call.... Read more

    Affected Products : ubuntu_linux fedora tcpflow
    • Published: Oct. 17, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-38575

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: pcie: handle randbuf allocation failure The kzalloc() in brcmf_pcie_download_fw_nvram() will return null if the physical memory has run out. As a result, if we use get_r... Read more

    Affected Products : linux_kernel
    • Published: Jun. 19, 2024
    • Modified: Jan. 31, 2025

  • 5.5

    MEDIUM
    CVE-2024-38551

    In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Assign dummy when codec not specified for a DAI link MediaTek sound card drivers are checking whether a DAI link is present and used on a board to assign the correct par... Read more

    Affected Products : linux_kernel
    • Published: Jun. 19, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-38549

    In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add 0 size check to mtk_drm_gem_obj Add a check to mtk_drm_gem_init if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will ... Read more

    Affected Products : linux_kernel
    • Published: Jun. 19, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-3838

    Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium)... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 17, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-18089

    Multiple out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may al... Read more

    Affected Products : graphics_driver
    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36965

    In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both... Read more

    Affected Products : linux_kernel
    • Published: Jun. 08, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36959

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps(... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Jan. 14, 2025

  • 5.5

    MEDIUM
    CVE-2018-17974

    An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l... Read more

    Affected Products : tcpreplay tcpreplay
    • Published: Oct. 03, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-18190

    An issue was discovered in GoPro gpmf-parser before 1.2.1. There is a divide-by-zero error in GPMF_ScaledData in GPMF_parser.c.... Read more

    Affected Products : gpmf-parser
    • Published: Oct. 09, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36924

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() lpfc_worker_wake_up() calls the lpfc_work_done() routine, which takes the hbalock. Thus, lpfc_worker_wake_up() should n... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Jan. 10, 2025

  • 5.5

    MEDIUM
    CVE-2024-36901

    In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6_output() According to syzbot, there is a chance that ip6_dst_idev() returns NULL in ip6_output(). Most places in IPv6 stack deal with a NULL idev j... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36893

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typec_register_partner() does not guarantee partner registration to always succeed. In the event of failure, port->... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-36881

    In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: reset ptes when close() for wr-protected ones Userfaultfd unregister includes a step to remove wr-protect bits from all the relevant pgtable entries, but that only cover... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Apr. 01, 2025

  • 5.5

    MEDIUM
    CVE-2018-17499

    Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sensitive information, caused by the storing of unencrypted data in logs. An attacker could exploit this vulnerability to obtain two API keys, a token and othe... Read more

    Affected Products : passport
    • Published: Mar. 21, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-35999

    In the Linux kernel, the following vulnerability has been resolved: smb3: missing lock when picking channel Coverity spotted a place where we should have been holding the channel lock when accessing the ses channel index. Addresses-Coverity: 1582039 ("... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2024
    • Modified: Apr. 04, 2025

  • 5.5

    MEDIUM
    CVE-2024-35990

    In the Linux kernel, the following vulnerability has been resolved: dma: xilinx_dpdma: Fix locking There are several places where either chan->lock or chan->vchan.lock was not held. Add appropriate locking. This fixes lockdep warnings like [ 31.07757... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2024
    • Modified: Nov. 21, 2024
Showing 20 of 292774 Results