Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2025-37838

    In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition In the ssi_protocol_probe() function, &ssi->work is bound with ssip_xmit_work(), In ssip... Read more

    Affected Products : linux_kernel
    • Published: Apr. 18, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Race Condition

  • 7.1

    HIGH
    CVE-2025-37785

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (later o... Read more

    Affected Products : linux_kernel
    • Published: Apr. 18, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-22120

    In the Linux kernel, the following vulnerability has been resolved: ext4: goto right label 'out_mmap_sem' in ext4_setattr() Otherwise, if ext4_inode_attach_jinode() fails, a hung task will happen because filemap_invalidate_unlock() isn't called to unloc... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-22028

    In the Linux kernel, the following vulnerability has been resolved: media: vimc: skip .s_stream() for stopped entities Syzbot reported [1] a warning prompted by a check in call_s_stream() that checks whether .s_stream() operation is warranted for unstar... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: May. 02, 2025

  • 0.0

    NA
    CVE-2025-22013

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several problems with the way hyp code lazily saves the host's FPSIMD/SVE state, including: * Host SVE being ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 08, 2025
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2025-21853

    In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freeze_mutex during mmap operation We use map->freeze_mutex to prevent races between map_freeze() and memory mapping BPF map contents with writable permissions. The w... Read more

    Affected Products : linux_kernel
    • Published: Mar. 12, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2025-21681

    In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix lockup on tx to unregistering netdev with carrier Commit in a fixes tag attempted to fix the issue in the following sequence of calls: do_output -> ovs_vport_s... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2024-56751

    In the Linux kernel, the following vulnerability has been resolved: ipv6: release nexthop on device removal The CI is hitting some aperiodic hangup at device removal time in the pmtu.sh self-test: unregister_netdevice: waiting for veth_A-R1 to become f... Read more

    Affected Products : linux_kernel
    • Published: Dec. 29, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-56658

    In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a slab-use-after-free in dst_destroy [1] Issue is in xfrm6_net_init() and xfrm4_net_init() : They copy xfrm[46]_dst... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 02, 2025

  • 0.0

    NA
    CVE-2024-56609

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb When removing kernel modules by: rmmod rtw88_8723cs rtw88_8703b rtw88_8723x rtw88_sdio rtw88_core Driver uses skb_queue_p... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-56608

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' An issue was identified in the dcn21_link_encoder_create function where an out-of-bounds access could occur when... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-56599

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: avoid NULL pointer error during sdio remove When running 'rmmod ath10k', ath10k_sdio_remove() will free sdio workqueue by destroy_workqueue(). But if CONFIG_INIT_ON_FREE_D... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-56551

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix usage slab after free [ +0.000021] BUG: KASAN: slab-use-after-free in drm_sched_entity_flush+0x6cb/0x7a0 [gpu_sched] [ +0.000027] Read of size 8 at addr ffff8881b8605f... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-54458

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsg_queue to NULL after removing it to prevent potent... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-53185

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in crypto_aead_setkey() Neither SMB3.0 or SMB3.02 supports encryption negotiate context, so when SMB2_GLOBAL_CAP_ENCRYPTION flag is set in the negotiate ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-53128

    In the Linux kernel, the following vulnerability has been resolved: sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers When CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, the object_is_on_stack() function may produce incorrec... Read more

    Affected Products : linux_kernel
    • Published: Dec. 04, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-50280

    In the Linux kernel, the following vulnerability has been resolved: dm cache: fix flushing uninitialized delayed_work on cache_ctr error An unexpected WARN_ON from flush_work() may occur when cache creation fails, caused by destroying the uninitialized ... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-50272

    In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper limit, and an iterator with a count that causes us to o... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: May. 02, 2025

  • 5.5

    MEDIUM
    CVE-2024-50258

    In the Linux kernel, the following vulnerability has been resolved: net: fix crash when config small gso_max_size/gso_ipv4_max_size Config a small gso_max_size/gso_ipv4_max_size will lead to an underflow in sk_dst_gso_max_size(), which may trigger a BUG... Read more

    Affected Products : linux_kernel
    • Published: Nov. 09, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-50154

    In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf pr... Read more

    Affected Products : linux_kernel
    • Published: Nov. 07, 2024
    • Modified: May. 02, 2025
Showing 20 of 291221 Results