Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2024-58083

    In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() Explicitly verify the target vCPU is fully online _prior_ to clamping the index in kvm_get_vcpu(). If the index is "bad",... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Apr. 01, 2025

  • 0.0

    NA
    CVE-2024-58082

    In the Linux kernel, the following vulnerability has been resolved: media: nuvoton: Fix an error check in npcm_video_ece_init() When function of_find_device_by_node() fails, it returns NULL instead of an error code. So the corresponding error check logi... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 06, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2024-58081

    In the Linux kernel, the following vulnerability has been resolved: clk: mmp2: call pm_genpd_init() only after genpd.name is set Setting the genpd's struct device's name with dev_set_name() is happening within pm_genpd_init(). If it remains NULL, things... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 25, 2025

  • 5.5

    MEDIUM
    CVE-2024-58080

    In the Linux kernel, the following vulnerability has been resolved: clk: qcom: dispcc-sm6350: Add missing parent_map for a clock If a clk_rcg2 has a parent, it should also have parent_map defined, otherwise we'll get a NULL pointer dereference when call... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 25, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2024-58079

    In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix crash during unbind if gpio unit is in use We used the wrong device for the device managed functions. We used the usb device, when we should be using the interface ... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2024-58078

    In the Linux kernel, the following vulnerability has been resolved: misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors misc_minor_alloc was allocating id using ida for minor only in case of MISC_DYNAMIC_MINOR but misc_minor_free was a... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 06, 2025

  • 0.0

    NA
    CVE-2024-58077

    In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback commit 1f5664351410 ("ASoC: lower "no backend DAIs enabled for ... Port" log severity") ignores -EINVAL error message on comm... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2024-58076

    In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-sm6350: Add missing parent_map for two clocks If a clk_rcg2 has a parent, it should also have parent_map defined, otherwise we'll get a NULL pointer dereference when call... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 25, 2025
    • Vuln Type: Misconfiguration

  • 7.5

    HIGH
    CVE-2024-51476

    IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.... Read more

    Affected Products : linux_kernel concert concert_software
    • Published: Mar. 06, 2025
    • Modified: Jul. 16, 2025
    • Vuln Type: Authentication

  • 8.4

    HIGH
    CVE-2024-12742

    A deserialization of untrusted data vulnerability exists in NI G Web Development Software that may result in arbitrary code execution.  Successful exploitation requires an attacker to get a user to open a specially crafted project file.  This vulnerabilit... Read more

    Affected Products :
    • Published: Mar. 06, 2025
    • Modified: Mar. 06, 2025
    • Vuln Type: Injection

  • 7.6

    HIGH
    CVE-2025-2031

    A vulnerability classified as critical has been found in ChestnutCMS up to 1.5.2. This affects the function uploadFile of the file /dev-api/cms/file/upload. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the... Read more

    Affected Products : chestnutcms chestnutcms
    • Published: Mar. 06, 2025
    • Modified: May. 12, 2025
    • Vuln Type: Authentication

  • 0.0

    NA
    CVE-2025-21828

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't flush non-uploaded STAs If STA state is pre-moved to AUTHORIZED (such as in IBSS scenarios) and insertion fails, the station is freed. In this case, the driver nev... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 06, 2025
    • Vuln Type: Authorization

  • 0.0

    NA
    CVE-2025-21827

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface() The documentation for usb_driver_claim_interface() says that "the device lock" is needed when the function is call... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 06, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-21826

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length The field length description provides the length of each separated key field in the concatenation, each fie... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-21825

    In the Linux kernel, the following vulnerability has been resolved: bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT During the update procedure, when overwrite element in a pre-allocated htab, the freeing of old_element is protected by ... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 06, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2024-58075

    In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegra_cmac_init or tegra_sha_init function may return an error when memory is exhausted. It should not transfer the request... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 06, 2025
    • Vuln Type: Cryptography

  • 0.0

    NA
    CVE-2024-58074

    In the Linux kernel, the following vulnerability has been resolved: drm/i915: Grab intel_display from the encoder to avoid potential oopsies Grab the intel_display from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 06, 2025

  • 5.5

    MEDIUM
    CVE-2024-58073

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check dpu_plane_atomic_print_state() for valid sspp Similar to the r_pipe sspp protect, add a check to protect the pipe state prints to avoid NULL ptr dereference for cases... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 25, 2025
    • Vuln Type: Information Disclosure

  • 0.0

    NA
    CVE-2024-58072

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused check_buddy_priv Commit 2461c7d60f9f ("rtlwifi: Update header file") introduced a global list of private data structures. Later on, commit 26634c4b1868 ("r... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2024-58071

    In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, e.g. adding veth0 if vlan1 was already added and veth0 i... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 25, 2025
    • Vuln Type: Race Condition
Showing 20 of 293186 Results