Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2024-53172

    In the Linux kernel, the following vulnerability has been resolved: ubi: fastmap: Fix duplicate slab cache names while attaching Since commit 4c39529663b9 ("slab: Warn on duplicate cache names when DEBUG_VM=y"), the duplicate slab cache names can be det... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Dec. 27, 2024

  • 7.8

    HIGH
    CVE-2024-53171

    In the Linux kernel, the following vulnerability has been resolved: ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit After an insertion in TNC, the tree might split and cause a node to change its `znode->parent`. A further deletion of o... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Feb. 11, 2025

  • 7.8

    HIGH
    CVE-2024-53170

    In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blk_mq_clear_flush_rq_mapping() is not called during scsi probe, by checking blk_queue_init_done(). However, QUEUE_FLAG_INIT_DONE is cle... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Feb. 10, 2025

  • 0.0

    NA
    CVE-2024-53169

    In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: fix kernel crash while shutting down controller The nvme keep-alive operation, which executes at a periodic interval, could potentially sneak in while shutting down a fabr... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Dec. 27, 2024

  • 7.8

    HIGH
    CVE-2024-53168

    In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapp... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Feb. 10, 2025

  • 0.0

    NA
    CVE-2024-53167

    In the Linux kernel, the following vulnerability has been resolved: nfs/blocklayout: Don't attempt unregister for invalid block device Since commit d869da91cccb ("nfs/blocklayout: Fix premature PR key unregistration") an unmount of a pNFS SCSI layout-en... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Dec. 27, 2024

  • 7.8

    HIGH
    CVE-2024-53166

    In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfq_limit_depth() Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd->lock, however bfq_limit_depth() is deferencing bfqq... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Mar. 07, 2025

  • 7.8

    HIGH
    CVE-2024-53165

    In the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in register_intc_controller() In the error handling for this function, d is freed without ever removing it from intc_list which would lead to a use afte... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Feb. 11, 2025

  • 0.0

    NA
    CVE-2024-53164

    In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to no... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Jan. 09, 2025

  • 0.0

    NA
    CVE-2022-49034

    In the Linux kernel, the following vulnerability has been resolved: sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS are selected, cpu_max_bits_warn() generates a runtime warning similar a... Read more

    Affected Products : linux_kernel
    • Published: Dec. 27, 2024
    • Modified: Dec. 27, 2024

  • 8.7

    HIGH
    CVE-2024-3393

    A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigge... Read more

    Affected Products : pan-os prisma_access
    • Actively Exploited
    • Published: Dec. 27, 2024
    • Modified: Jan. 14, 2025

  • 6.5

    MEDIUM
    CVE-2020-9253

    There is a stack overflow vulnerability in some Huawei smart phone. An attacker can craft specific packet to exploit this vulnerability. Due to insufficient verification, this could be exploited to tamper with the information to affect the availability. (... Read more

    Affected Products : lion-al00c_firmware lion-al00c
    • Published: Dec. 27, 2024
    • Modified: Jan. 13, 2025

  • 8.8

    HIGH
    CVE-2020-9236

    There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. Attackers can exploit this vulnerability to perform malicious operatation to compromise module se... Read more

    • Published: Dec. 27, 2024
    • Modified: Jan. 14, 2025

  • 7.8

    HIGH
    CVE-2020-9222

    There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate permissions. (Vulnerability ID: HWPSI... Read more

    • Published: Dec. 27, 2024
    • Modified: Jan. 15, 2025

  • 7.2

    HIGH
    CVE-2020-9211

    There is an out-of-bound read and write vulnerability in Huawei smartphone. A module dose not verify the input sufficiently. Attackers can exploit this vulnerability by modifying some configuration to cause out-of-bound read and write, causing denial of s... Read more

    Affected Products : mate_30_firmware mate_30
    • Published: Dec. 27, 2024
    • Modified: Jan. 13, 2025

  • 6.8

    MEDIUM
    CVE-2020-9210

    There is an insufficient integrity vulnerability in Huawei products. A module does not perform sufficient integrity check in a specific scenario. Attackers can exploit the vulnerability by physically install malware. This could compromise normal service o... Read more

    Affected Products : myna_firmware myna
    • Published: Dec. 27, 2024
    • Modified: Jan. 13, 2025

  • 3.3

    LOW
    CVE-2020-9089

    There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information lea... Read more

    Affected Products : p30_pro_firmware p30_pro
    • Published: Dec. 27, 2024
    • Modified: Jan. 13, 2025

  • 4.3

    MEDIUM
    CVE-2020-9086

    There is a buffer error vulnerability in some Huawei product. An unauthenticated attacker may send special UPNP message to the affected products. Due to insufficient input validation of some value, successful exploit may cause some service abnormal. (Vuln... Read more

    Affected Products : b612_firmware b612
    • Published: Dec. 27, 2024
    • Modified: Jan. 13, 2025

  • 5.3

    MEDIUM
    CVE-2020-9085

    There is a NULL pointer dereference vulnerability in some Huawei products. An attacker may send specially crafted POST messages to the affected products. Due to insufficient validation of some parameter in the message, successful exploit may cause some pr... Read more

    Affected Products : b612_firmware b612
    • Published: Dec. 27, 2024
    • Modified: Jan. 13, 2025

  • 4.6

    MEDIUM
    CVE-2020-9082

    There is an information disclosure vulnerability in several smartphones. The system has a logic judging error under certain scenario, the attacker should gain the permit to execute commands in ADB mode and then do a series of operation on the phone. Succe... Read more

    Affected Products : mate_20_firmware mate_20
    • Published: Dec. 27, 2024
    • Modified: Jan. 14, 2025
Showing 20 of 293568 Results