Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2025-22088

    In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() After the erdma_cep_put(new_cep) being called, new_cep will be freed, and the following dereference will cause a UAF problem... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: Apr. 25, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-22097

    In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the driver initialization fails, the vkms_exit() function might access an uninitialized or freed default_config pointer and... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: Apr. 25, 2025
    • Vuln Type: Memory Corruption

  • 4.0

    MEDIUM
    CVE-2024-20065

    In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0869... Read more

    Affected Products : android mt6781 mt6835 mt6853 mt6855 mt6877 mt6879 mt6885 mt6886 mt6893 +4 more products
    • Published: Jun. 03, 2024
    • Modified: Apr. 25, 2025

  • 9.8

    CRITICAL
    CVE-2024-20067

    In modem, there is a possible out of bounds write due to improper input invalidation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01267285; Issu... Read more

    Affected Products : nr16 nr17 mt6813 mt6835 mt6878 mt6897 mt8792 mt6815 mt6899 mt6991 +2 more products
    • Published: Jun. 03, 2024
    • Modified: Apr. 25, 2025

  • 5.9

    MEDIUM
    CVE-2024-20068

    In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-... Read more

    Affected Products : nr16 nr17 mt6813 mt6835 mt6878 mt6879 mt6895 mt6895t mt6896 mt6897 +17 more products
    • Published: Jun. 03, 2024
    • Modified: Apr. 25, 2025

  • 6.5

    MEDIUM
    CVE-2024-20069

    In modem, there is a possible selection of less-secure algorithm during the VoWiFi IKE due to a missing DH downgrade check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for... Read more

    Affected Products : nr15 mt6833 mt6853 mt6855 mt6873 mt6875 mt6877 mt6883 mt6885 mt6889 +7 more products
    • Published: Jun. 03, 2024
    • Modified: Apr. 25, 2025

  • 5.1

    MEDIUM
    CVE-2024-20070

    In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execu... Read more

    Affected Products : nr15 nr16 nr17 mt6813 mt6833 mt6835 mt6853 mt6855 mt6873 mt6875 +30 more products
    • Published: Jun. 03, 2024
    • Modified: Apr. 25, 2025

  • 4.4

    MEDIUM
    CVE-2024-20071

    In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364733; Iss... Read more

    • Published: Jun. 03, 2024
    • Modified: Apr. 25, 2025

  • 6.6

    MEDIUM
    CVE-2024-20072

    In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364732; I... Read more

    • Published: Jun. 03, 2024
    • Modified: Apr. 25, 2025

  • 6.6

    MEDIUM
    CVE-2024-20073

    In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00367704; ... Read more

    • Published: Jun. 03, 2024
    • Modified: Apr. 25, 2025

  • 6.6

    MEDIUM
    CVE-2024-20074

    In dmc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08668110; Issue ID: MSV... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6835 mt6853 mt6855 mt6873 +21 more products
    • Published: Jun. 03, 2024
    • Modified: Apr. 25, 2025

  • 6.7

    MEDIUM
    CVE-2024-20090

    In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MS... Read more

    Affected Products : android mt6779 mt6785 mt6853 mt6873 mt6885 mt6761 mt6765 mt6768 mt8667 +7 more products
    • Published: Oct. 07, 2024
    • Modified: Apr. 25, 2025

  • 7.8

    HIGH
    CVE-2024-20092

    In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MS... Read more

    Affected Products : android mt6779 mt6785 mt6853 mt6873 mt6885 mt6761 mt6765 mt6768 mt8667 +7 more products
    • Published: Oct. 07, 2024
    • Modified: Apr. 25, 2025

  • 7.5

    HIGH
    CVE-2024-20094

    In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-15... Read more

    Affected Products : nr15 mt2735 mt6833 mt6853 mt6855 mt6873 mt6875 mt6877 mt6880 mt6883 +11 more products
    • Published: Oct. 07, 2024
    • Modified: Apr. 25, 2025

  • 6.7

    MEDIUM
    CVE-2024-20098

    In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08996886; Issue ID: M... Read more

    Affected Products : android yocto mt6779 mt6781 mt6785 mt6833 mt6853 mt6873 mt6877 mt6885 +10 more products
    • Published: Oct. 07, 2024
    • Modified: Apr. 25, 2025

  • 6.7

    MEDIUM
    CVE-2024-20099

    In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08997492; Issue ID: M... Read more

    • Published: Oct. 07, 2024
    • Modified: Apr. 25, 2025

  • 9.8

    CRITICAL
    CVE-2024-20100

    In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Iss... Read more

    Affected Products : android iot_yocto mt6985 mt6989 mt6990 mt8183 mt8676 mt8678 mt8755 mt8775 +9 more products
    • Published: Oct. 07, 2024
    • Modified: Apr. 25, 2025

  • 7.2

    HIGH
    CVE-2024-50960

    A command injection vulnerability in the Nmap diagnostic tool in the admin web console of Extron SMP 111 <=3.01, SMP 351 <=2.16, SMP 352 <= 2.16, and SME 211 <= 3.02, allows a remote authenticated attacker to execute arbitrary commands as root on the unde... Read more

    • Published: Apr. 15, 2025
    • Modified: Apr. 25, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-29043

    An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234... Read more

    Affected Products : dir-823x_firmware dir-823x
    • Published: Apr. 17, 2025
    • Modified: Apr. 25, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-29042

    An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the macaddr key value to the function 0x42232c... Read more

    Affected Products : dir-823x_firmware dir-823x
    • Published: Apr. 17, 2025
    • Modified: Apr. 25, 2025
    • Vuln Type: Authentication
Showing 20 of 293527 Results