Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.7

    HIGH
    CVE-2024-47002

    A html code injection vulnerability exists in the vlan management part of Observium CE 24.4.13528. A specially crafted HTTP request can lead to an arbitrary html code. An authenticated user would need to click a malicious link provided by the attacker.... Read more

    Affected Products : observium
    • Published: Jan. 15, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Injection

  • 8.7

    HIGH
    CVE-2024-45061

    A cross-site scripting (xss) vulnerability exists in the weather map editor functionality of Observium CE 24.4.13528. A specially crafted HTTP request can lead to a arbitrary javascript code execution. An authenticated user would need to click a malicious... Read more

    Affected Products : observium
    • Published: Jan. 15, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.8

    CRITICAL
    CVE-2024-12084

    A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out ... Read more

    • Published: Jan. 15, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2024-11322

    A denial-of-service vulnerability exists in CyberPower PowerPanel Business (PPB) 4.11.0. An unauthenticated remote attacker can restart the ppbd.exe process via the PowerPanel Business Service Watchdog service listening on TCP port 2003. The attacker can... Read more

    Affected Products :
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-21629

    In the Linux kernel, the following vulnerability has been resolved: net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets The blamed commit disabled hardware offoad of IPv6 packets with extension headers on devices that advertise NETIF_F_IPV6_CSUM... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2024-5198

    OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt.... Read more

    Affected Products : openvpn-gui ovpn-dco-win
    • Published: Jan. 15, 2025
    • Modified: Jun. 10, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2024-57903

    In the Linux kernel, the following vulnerability has been resolved: net: restrict SO_REUSEPORT to inet sockets After blamed commit, crypto sockets could accidentally be destroyed from RCU call back, as spotted by zyzbot [1]. Trying to acquire a mutex i... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2024-57902

    In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_tci() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot. Rework vlan_get_tci() to not touch skb at all, so that it can be ... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-57901

    In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot. Rework vlan_get_protocol_dgram() to not touch skb at a... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-57900

    In the Linux kernel, the following vulnerability has been resolved: ila: serialize calls to nf_register_net_hooks() syzbot found a race in ila_add_mapping() [1] commit 031ae72825ce ("ila: call nf_unregister_net_hooks() sooner") attempted to fix a simil... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Feb. 13, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2024-57899

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix mbss changed flags corruption on 32 bit systems On 32-bit systems, the size of an unsigned long is 4 bytes, while a u64 is 8 bytes. Therefore, when using or_each_set... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2024-57898

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first removed from the valid_links bitmap before performing a... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2024-57897

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Correct the migration DMA map direction The SVM DMA device map direction should be set the same as the DMA unmap setting, otherwise the DMA core will report the following wa... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025

  • 7.8

    HIGH
    CVE-2024-57896

    In the Linux kernel, the following vulnerability has been resolved: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount During the unmount path, at close_ctree(), we first stop the cleaner kthread, using kthread_stop() whi... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2024-57895

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: set ATTR_CTIME flags when setting mtime David reported that the new warning from setattr_copy_mgtime is coming like the following. [ 113.215316] ------------[ cut here ]-------... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Jan. 21, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2024-57893

    In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages split in 6 bytes packets, and ALSA sequencer OSS layer tries to combine those. It stores... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Race Condition

  • 7.8

    HIGH
    CVE-2024-57892

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses a syscall to qu... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Feb. 13, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2024-57891

    In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix invalid irq restore in scx_ops_bypass() While adding outer irqsave/restore locking, 0e7ffff1b811 ("scx: Fix raciness in scx_ops_bypass()") forgot to convert an inner rq_u... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2024-57890

    In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqe_size * cmd.wr_count", both variables are u32 values that come from the user so the multiplication can lead to inte... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Jan. 21, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2024-57889

    In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking If a device uses MCP23xxx IO expander to receive IRQs, the following bug can happen: BUG: sleeping function ca... Read more

    Affected Products : linux_kernel
    • Published: Jan. 15, 2025
    • Modified: Jan. 15, 2025
    • Vuln Type: Race Condition
Showing 20 of 291520 Results