Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.7

    MEDIUM
    CVE-2024-50135

    In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvme_dev_disable() nvme_dev_disable() modifies the dev->online_queues field, therefore nvme_pci_update_nr_queues() should avoid racing aga... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-50134

    In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a "memcpy: dete... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-50133

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: Don't crash in stack_top() for tasks without vDSO Not all tasks have a vDSO mapped, for example kthreads never do. If such a task ever ends up calling stack_top(), it will de... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 5.5

    MEDIUM
    CVE-2024-50132

    In the Linux kernel, the following vulnerability has been resolved: tracing/probes: Fix MAX_TRACE_ARGS limit handling When creating a trace_probe we would set nr_args prior to truncating the arguments to MAX_TRACE_ARGS. However, we would only initialize... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 7.8

    HIGH
    CVE-2024-50131

    In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length,... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 7.8

    HIGH
    CVE-2024-50130

    In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 Read of size 8 at addr ffff8880106fe400 by task repro/72= bp... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Mar. 06, 2025

  • 7.8

    HIGH
    CVE-2024-50129

    In the Linux kernel, the following vulnerability has been resolved: net: pse-pd: Fix out of bound for loop Adjust the loop limit to prevent out-of-bounds access when iterating over PI structures. The loop should not reach the index pcdev->nr_lines since... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 7.1

    HIGH
    CVE-2024-50128

    In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. E... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 7.8

    HIGH
    CVE-2024-50127

    In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical secti... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Dec. 11, 2024

  • 7.8

    HIGH
    CVE-2024-50126

    In the Linux kernel, the following vulnerability has been resolved: net: sched: use RCU read-side critical section in taprio_dump() Fix possible use-after-free in 'taprio_dump()' by adding RCU read-side critical section there. Never seen on x86 but foun... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Dec. 11, 2024

  • 7.8

    HIGH
    CVE-2024-50125

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part ... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: May. 02, 2025

  • 7.8

    HIGH
    CVE-2024-50124

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this checks if the conn->sk is still valid by checking if it part ... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Dec. 11, 2024

  • 7.1

    HIGH
    CVE-2024-50123

    In the Linux kernel, the following vulnerability has been resolved: bpf: Add the missing BPF_LINK_TYPE invocation for sockmap There is an out-of-bounds read in bpf_link_show_fdinfo() for the sockmap link fd. Fix it by adding the missing BPF_LINK_TYPE in... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-50122

    In the Linux kernel, the following vulnerability has been resolved: PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 13, 2024

  • 7.8

    HIGH
    CVE-2024-50121

    In the Linux kernel, the following vulnerability has been resolved: nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net In the normal case, when we excute `echo 0 > /proc/fs/nfsd/threads`, the function `nfs4_state_destroy_net` in ... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Jan. 09, 2025

  • 5.5

    MEDIUM
    CVE-2024-50120

    In the Linux kernel, the following vulnerability has been resolved: smb: client: Handle kstrdup failures for passwords In smb3_reconfigure(), after duplicating ctx->password and ctx->password2 with kstrdup(), we need to check for allocation failures. I... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-50119

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix warning when destroy 'cifs_io_request_pool' There's a issue as follows: WARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 free_large_kmalloc+0xac/0xe0 RIP: 0010:free_large_kmalloc+... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-50118

    In the Linux kernel, the following vulnerability has been resolved: btrfs: reject ro->rw reconfiguration if there are hard ro requirements [BUG] Syzbot reports the following crash: BTRFS info (device loop0 state MCS): disabling free space tree BTRF... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-50117

    In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ``` ? show_reg... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-50116

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of buffer delay flag Syzbot reported that after nilfs2 reads a corrupted file system image and degrades to read-only, the BUG_ON check for... Read more

    Affected Products : linux_kernel
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024
Showing 20 of 293646 Results