Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-56599

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: avoid NULL pointer error during sdio remove When running 'rmmod ath10k', ath10k_sdio_remove() will free sdio workqueue by destroy_workqueue(). But if CONFIG_INIT_ON_FREE_D... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-56551

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched] [ +0.000027] Read of size 8 at addr ffff8881b8605f... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-54458

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsg_queue to NULL after removing it to prevent potent... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-53185

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in crypto_aead_setkey() Neither SMB3.0 or SMB3.02 supports encryption negotiate context, so when SMB2_GLOBAL_CAP_ENCRYPTION flag is set in the negotiate ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-53128

    In the Linux kernel, the following vulnerability has been resolved: sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers When CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, the object_is_on_stack() function may produce incorrec... Read more

    Affected Products : linux_kernel
    • Published: Dec. 04, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-50280

    In the Linux kernel, the following vulnerability has been resolved: dm cache: fix flushing uninitialized delayed_work on cache_ctr error An unexpected WARN_ON from flush_work() may occur when cache creation fails, caused by destroying the uninitialized ... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-50272

    In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper limit, and an iterator with a count that causes us to o... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-50258

    In the Linux kernel, the following vulnerability has been resolved: net: fix crash when config small gso_max_size/gso_ipv4_max_size Config a small gso_max_size/gso_ipv4_max_size will lead to an underflow in sk_dst_gso_max_size(), which may trigger a BUG... Read more

    Affected Products : linux_kernel
    • Published: Nov. 09, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-50154

    In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf pr... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-50125

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part ... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-50047

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-49989

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix double free issue during amdgpu module unload Flexible endpoints use DIGs from available inflexible endpoints, so only the encoders of inflexible links need to be f... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-49960

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4_fill_super The del_timer_sync function cancels the s_err_report timer, which reminds about filesys... Read more

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-46816

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links [Why] Coverity report OVERRUN warning. There are only max_links elements within dc->links. link count co... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-46784

    In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup Currently napi_disable() gets called during rxq and txq cleanup, even before napi is enabled and hrtimer is initializ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: May. 02, 2025

  • 7.1

    HIGH
    CVE-2024-46774

    In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns: arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential spectre issue 'args.args' [r] (loca... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-46742

    In the Linux kernel, the following vulnerability has been resolved: smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open() null-ptr-deref will occur when (req_op_level == SMB2_OPLOCK_LEVEL_LEASE) and parse_lease_state() return NULL. ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 18, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-44938

    In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2() returned 0, causing shift exponent -1 to be negative. This patch fixes the issue ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 26, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-43904

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing This commit adds null checks for the 'stream' and 'plane' variables in the dcn30_apply_idle_power_optimiza... Read more

    Affected Products : linux_kernel
    • Published: Aug. 26, 2024
    • Modified: May. 02, 2025

  • 0.0

    NA
    CVE-2024-42322

    In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: May. 02, 2025
Showing 20 of 291158 Results