Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-21946

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bounds in parse_sec_desc() If osidoffset, gsidoffset and dacloffset could be greater than smb_ntsd struct size. If it is smaller, It could cause slab-out-of-bounds. An... Read more

    Affected Products : linux_kernel
    • Published: Apr. 01, 2025
    • Modified: Apr. 01, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38493

    In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlat_dump_stack() We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overf... Read more

    Affected Products : linux_kernel
    • Published: Jul. 28, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38402

    In the Linux kernel, the following vulnerability has been resolved: idpf: return 0 size for RSS key if not supported Returning -EOPNOTSUPP from function returning u32 is leading to cast and invalid size value as a result. -EOPNOTSUPP as a size probably... Read more

    Affected Products : linux_kernel
    • Published: Jul. 25, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-49340

    In the Linux kernel, the following vulnerability has been resolved: ip_gre: test csum_start instead of transport header GRE with TUNNEL_CSUM will apply local checksum offload on CHECKSUM_PARTIAL packets. ipgre_xmit must validate csum_start after an opt... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Feb. 26, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-49109

    In the Linux kernel, the following vulnerability has been resolved: ceph: fix inode reference leakage in ceph_get_snapdir() The ceph_get_inode() will search for or insert a new inode into the hash for the given vino, and return a reference to it. If new... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Feb. 26, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38314

    In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Fix result size returned for the admin command completion The result size returned by virtio_pci_admin_dev_parts_get() is 8 bytes larger than the actual result data size. Th... Read more

    Affected Products : linux_kernel
    • Published: Jul. 10, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38343

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA IEEE 802.11 fragmentation can only be applied to unicast frames. Therefore, drop fragments with multicast or broadcast ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 10, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-38204

    In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds read in add_missing_indices stbl is s8 but it must contain offsets into slot which can go from 0 to 127. Added a bound check for that error and retur... Read more

    Affected Products : linux_kernel
    • Published: Jul. 04, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38190

    In the Linux kernel, the following vulnerability has been resolved: atm: Revert atm_account_tx() if copy_from_iter_full() fails. In vcc_sendmsg(), we account skb->truesize to sk->sk_wmem_alloc by atm_account_tx(). It is expected to be reverted by atm_p... Read more

    Affected Products : linux_kernel
    • Published: Jul. 04, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38162

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation When calculating the lookup table size, ensure the following multiplication does not overflow: - desc->field_len[... Read more

    Affected Products : linux_kernel
    • Published: Jul. 03, 2025
    • Modified: Jul. 03, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-48816

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: lock against ->sock changing during sysfs read ->sock can be set to NULL asynchronously unless ->recv_mutex is held. So it is important to hold that mutex. Otherwise a sysfs re... Read more

    Affected Products : linux_kernel
    • Published: Jul. 16, 2024
    • Modified: Nov. 21, 2024

  • 0.0

    NA
    CVE-2022-48807

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler Currently, the same handler is called for both a NETDEV_BONDING_INFO LAG unlink notification as for a NETDEV_UNREGISTER call. This... Read more

    Affected Products : linux_kernel
    • Published: Jul. 16, 2024
    • Modified: Nov. 21, 2024

  • 0.0

    NA
    CVE-2022-48640

    In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bond_rr_gen_slave_id Fix a NULL dereference of the struct bonding.rr_tx_counter member because if a bond is initially created with an initial mode != zero (Ro... Read more

    Affected Products : linux_kernel
    • Published: Apr. 28, 2024
    • Modified: Nov. 21, 2024

  • 0.0

    NA
    CVE-2025-21804

    In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() The rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region() macro to request a needed resou... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-23141

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses Acquire a lock on kvm->srcu when userspace is getting MP state to handle a rather extreme edge case where "ac... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-23161

    In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type The access to the PCI config space via pci_ops::read and pci_ops::write is a low-level hardware access. The functions can be acces... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025

  • 0.0

    NA
    CVE-2024-47740

    In the Linux kernel, the following vulnerability has been resolved: f2fs: Require FMODE_WRITE for atomic write ioctls The F2FS ioctls for starting and committing atomic writes check for inode_owner_or_capable(), but this does not give LSMs like SELinux ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Nov. 08, 2024

  • 0.0

    NA
    CVE-2024-46896

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: don't access invalid sched Since 2320c9e6a768 ("drm/sched: memset() 'job' in drm_sched_job_init()") accessing job->base.sched can produce unexpected results as the initialis... Read more

    Affected Products : linux_kernel
    • Published: Jan. 11, 2025
    • Modified: Jan. 11, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-49357

    In the Linux kernel, the following vulnerability has been resolved: efi: Do not import certificates from UEFI Secure Boot for T2 Macs On Apple T2 Macs, when Linux attempts to read the db and dbx efi variables at early boot to load UEFI Secure Boot certi... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Feb. 26, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2024-40921

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state Pass the already obtained vlan group pointer to br_mst_vlan_set_state() instead of dereferencing it again. Each calle... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Nov. 21, 2024
Showing 20 of 293698 Results