Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NONE
    CVE-2024-46742

    In the Linux kernel, the following vulnerability has been resolved: smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open() null-ptr-deref will occur when (req_op_level == SMB2_OPLOCK_LEVEL_LEASE) and parse_lease_state() return NULL. ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46739

    In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind For primary VM Bus channels, primary_channel pointer is always NULL. This pointer is valid only for the secondary c... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46738

    In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() When removing a resource from vmci_resource_table in vmci_resource_remove(), the search is performed using the ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46734

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the oth... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-45861

    Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information.... Read more

    Affected Products :
    • Published: Sep. 19, 2024
    • Modified: Sep. 19, 2024

  • 0.0

    NONE
    CVE-2024-45862

    Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information.... Read more

    Affected Products :
    • Published: Sep. 19, 2024
    • Modified: Sep. 19, 2024

  • 0.0

    NONE
    CVE-2024-8375

    There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, ... Read more

    Affected Products :
    • Published: Sep. 19, 2024
    • Modified: Sep. 19, 2024

  • 0.0

    NONE
    CVE-2024-46736

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_rename_path() If smb2_set_path_attr() is called with a valid @cfile and returned -EINVAL, we need to call cifs_get_writable_path() again as... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46732

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Assign linear_pitch_alignment even for VM [Description] Assign linear_pitch_alignment so we don't cause a divide by 0 error in VM environments... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46733

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix qgroup reserve leaks in cow_file_range In the buffered write path, the dirty page owns the qgroup reserve until it creates an ordered_extent. Therefore, any errors that occu... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46731

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for mc_data[] when i = 0.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46726

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure index calculation will not overflow [WHY & HOW] Make sure vmid0p72_idx, vnom0p8_idx and vmax0p9_idx calculation will never overflow and exceess array size. This... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-31570

    libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file.... Read more

    Affected Products :
    • Published: Sep. 19, 2024
    • Modified: Sep. 19, 2024

  • 0.0

    NONE
    CVE-2024-8652

    A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific path on the site. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor https://netcat.ru/ htt... Read more

    Affected Products :
    • Published: Sep. 19, 2024
    • Modified: Sep. 19, 2024

  • 0.0

    NONE
    CVE-2024-8653

    A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific paths on the site. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor https://netcat.ru/ ht... Read more

    Affected Products :
    • Published: Sep. 19, 2024
    • Modified: Sep. 19, 2024

  • 0.0

    NONE
    CVE-2024-8651

    A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that can be used to check whether a user exists in the system, which could be a basis for further attacks. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibl... Read more

    Affected Products :
    • Published: Sep. 19, 2024
    • Modified: Sep. 19, 2024

  • 0.0

    NONE
    CVE-2024-46721

    In the Linux kernel, the following vulnerability has been resolved: apparmor: fix possible NULL pointer dereference profile->parent->dents[AAFS_PROF_DIR] could be NULL only if its parent is made from __create_missing_ancestors(..) and 'ent->old' is NULL... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-46719

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Fix null pointer dereference in trace ucsi_register_altmode checks IS_ERR for the alt pointer and treats NULL as valid. When CONFIG_TYPEC_DP_ALTMODE is not enabled, uc... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 0.0

    NONE
    CVE-2024-25673

    Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection.... Read more

    Affected Products :
    • Published: Sep. 19, 2024
    • Modified: Sep. 19, 2024

  • 0.0

    NONE
    CVE-2024-46717

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: SHAMPO, Fix incorrect page release Under the following conditions: 1) No skb created yet 2) header_size == 0 (no SHAMPO header) 3) header_index + 1 % MLX5E_SHAMPO_WQ_HEADER_P... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024
Showing 20 of 311 Results