Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2016-2070

    The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via crafted TCP traffic.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 4.7

    MEDIUM
    CVE-2016-2053

    The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in c... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-1576

    The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted setuid... Read more

    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2016-1575

    The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.... Read more

    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 5.1

    MEDIUM
    CVE-2015-8839

    Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow local users to cause a denial of service (disk corruption) by writing to a page that is associated with a different user's file after unsynchronized hole p... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-8830

    Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-8746

    fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted netwo... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 4.9

    MEDIUM
    CVE-2015-8324

    The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference and panic) via a crafted US... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-8019

    The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other im... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-4178

    The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-4177

    The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by leveraging user-namespac... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-4176

    fs/namespace.c in the Linux kernel before 4.0.2 does not properly support mount connectivity, which allows local users to read arbitrary files by leveraging user-namespace root access for deletion of a file or directory.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 4.7

    MEDIUM
    CVE-2015-4170

    Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread duri... Read more

    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2015-2686

    net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for (1) sendto and (2) recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copy_from_iter function in the iov_i... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-2672

    The xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the Linux kernel before 3.19.2 creates certain .altinstr_replacement pointers and consequently does not provide any protection against instruction faulting, which allows local users to cau... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-1573

    The nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of service (panic) by leveraging the CAP_N... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 5.5

    MEDIUM
    CVE-2015-1350

    The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a fail... Read more

    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2014-9717

    fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH umount2 system calls without verifying that the MNT_LOCKED flag is unset, which allows local users to bypass intended access restrictions and navigate to filesystem locations beneath a m... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2012-6701

    Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025

  • 7.8

    HIGH
    CVE-2012-6689

    The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux kernel before 3.5.5 does not validate the dst_pid field, which allows local users to have an unspecified impact by spoofing Netlink messages.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292811 Results