Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-53163

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_420xx - fix off by one in uof_get_name() This is called from uof_get_name_420xx() where "num_objs" is the ARRAY_SIZE() of fw_objs[]. The > needs to be >= to prevent an ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Mar. 06, 2025

  • 7.1

    HIGH
    CVE-2024-53162

    In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_4xxx - fix off by one in uof_get_name() The fw_objs[] array has "num_objs" elements so the > needs to be >= to prevent an out of bounds read.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Mar. 06, 2025

  • 5.5

    MEDIUM
    CVE-2024-53161

    In the Linux kernel, the following vulnerability has been resolved: EDAC/bluefield: Fix potential integer overflow The 64-bit argument for the "get DIMM info" SMC call consists of mem_ctrl_idx left-shifted 16 bits and OR-ed with DIMM index. With mem_ct... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Feb. 03, 2025

  • 0.0

    NA
    CVE-2024-53160

    In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu KCSAN reports a data race when access the krcp->monitor_work.timer.expires variable in the schedule_delayed_monitor_work() fun... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Dec. 24, 2024

  • 0.0

    NA
    CVE-2024-53158

    In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() This loop is supposed to break if the frequency returned from clk_round_rate() is the same as on the previous iteration.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Dec. 24, 2024

  • 5.5

    MEDIUM
    CVE-2024-53157

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware Fix a kernel crash with the below call trace when the SCPI firmware returns OPP count of zero. dvfs_info.opp_count... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Jan. 07, 2025

  • 7.8

    HIGH
    CVE-2024-53156

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Jan. 07, 2025

  • 7.1

    HIGH
    CVE-2024-53155

    In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix uninitialized value in ocfs2_file_read_iter() Syzbot has reported the following KMSAN splat: BUG: KMSAN: uninit-value in ocfs2_file_read_iter+0x9a4/0xf80 ocfs2_file_read_it... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Jan. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-53154

    In the Linux kernel, the following vulnerability has been resolved: clk: clk-apple-nco: Add NULL check in applnco_probe Add NULL check in applnco_probe, to handle kernel NULL pointer dereference error.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Jan. 07, 2025

  • 0.0

    NA
    CVE-2024-53153

    In the Linux kernel, the following vulnerability has been resolved: PCI: qcom-ep: Move controller cleanups to qcom_pcie_perst_deassert() Currently, the endpoint cleanup function dw_pcie_ep_cleanup() and EPF deinit notify function pci_epc_deinit_notify()... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Dec. 24, 2024

  • 0.0

    NA
    CVE-2024-53152

    In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert() Currently, the endpoint cleanup function dw_pcie_ep_cleanup() and EPF deinit notify function pci_epc_deinit_no... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Dec. 24, 2024

  • 5.5

    MEDIUM
    CVE-2024-53151

    In the Linux kernel, the following vulnerability has been resolved: svcrdma: Address an integer overflow Dan Carpenter reports: > Commit 78147ca8b4a9 ("svcrdma: Add a "parsed chunk list" data > structure") from Jun 22, 2020 (linux-next), leads to the fo... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Jan. 07, 2025

  • 7.8

    HIGH
    CVE-2024-53150

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. That... Read more

    Affected Products : linux_kernel
    • Actively Exploited
    • Published: Dec. 24, 2024
    • Modified: Apr. 10, 2025

  • 4.6

    MEDIUM
    CVE-2024-53149

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix off-by-one in connector_status UCSI connector's indices start from 1 up to 3, PMIC_GLINK_MAX_PORTS. Correct the condition in the pmic_glink_ucsi_connector_s... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Jan. 09, 2025

  • 0.0

    NA
    CVE-2024-53148

    In the Linux kernel, the following vulnerability has been resolved: comedi: Flush partial mappings in error case If some remap_pfn_range() calls succeeded before one failed, we still have buffer pages mapped into the userspace page tables when we drop t... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Dec. 24, 2024

  • 0.0

    NA
    CVE-2024-53147

    In the Linux kernel, the following vulnerability has been resolved: exfat: fix out-of-bounds access of directory entries In the case of the directory size is greater than or equal to the cluster size, if start_clu becomes an EOF cluster(an invalid clust... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Dec. 24, 2024

  • 5.5

    MEDIUM
    CVE-2024-53146

    In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding i... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Jan. 07, 2025

  • 5.5

    MEDIUM
    CVE-2024-53145

    In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONG_MAX, which can be easily triggered on UML/i386.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2024
    • Modified: Jan. 07, 2025

  • 9.8

    CRITICAL
    CVE-2024-43441

    Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0. Users are recommended to upgrade to version 1.5.0, which fixes the issue.... Read more

    Affected Products : hugegraph
    • Published: Dec. 24, 2024
    • Modified: Jul. 01, 2025

  • 6.4

    MEDIUM
    CVE-2024-12268

    The Responsive Blocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'responsive-block-editor-addons/portfolio' block in all versions up to, and including, 1.9.7 due to insufficient input sanitizatio... Read more

    Affected Products : responsive_blocks
    • Published: Dec. 24, 2024
    • Modified: Dec. 24, 2024
Showing 20 of 293426 Results