Latest CVE Feed

The following is the list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 0.0

    NONE
    CVE-2024-47687

    In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which never got initialized in the first place. This patch add...

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 0.0

    NONE
    CVE-2024-47686

    In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() The psc->div[] array has psc->num_div elements. These values come from when we call clk_hw_register_div(). It's adc_divisors ...

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 0.0

    NONE
    CVE-2024-47685

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on the four reserved tcp bits (th->res1) Use skb_...

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 5.5

    CVSS31
    CVE-2024-47684

    In the Linux kernel, the following vulnerability has been resolved: tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null...

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 22, 2024
  • 0.0

    NONE
    CVE-2024-47683

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link [why] Encounter NULL pointer dereference under mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000...

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 0.0

    NONE
    CVE-2024-47682

    In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fix off-by-one error in sd_read_block_characteristics() If the device returns page 0xb1 with length 8 (happens with qemu v2.x, for example), sd_read_block_characteristics() ma...

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 5.5

    CVSS31
    CVE-2024-47681

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he Fix the NULL pointer dereference in mt7996_mcu_sta_bfer_he routine adding an sta interface to the mt7996 drive...

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 22, 2024
  • 0.0

    NONE
    CVE-2024-47680

    In the Linux kernel, the following vulnerability has been resolved: f2fs: check discard support for conventional zones As the helper function f2fs_bdev_support_discard() shows, f2fs checks if the target block devices support discard by calling bdev_max_...

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 0.0

    NONE
    CVE-2024-47679

    In the Linux kernel, the following vulnerability has been resolved: vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug[1] in btrfs, after digged it into and I believe it's a race in vfs. Let's assume there's a ...

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 0.0

    NONE
    CVE-2024-47678

    In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of rate limits ICMP messages are ratelimited : After the blamed commits, the two rate limiters are applied in this order: 1) host wide ratelimit (icmp_global_al...

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 5.5

    CVSS31
    CVE-2024-47677

    In the Linux kernel, the following vulnerability has been resolved: exfat: resolve memory leak from exfat_create_upcase_table() If exfat_load_upcase_table reaches end and returns -EINVAL, allocated memory doesn't get freed and while exfat_load_default_u...

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 22, 2024
  • 7.8

    CVSS31
    CVE-2024-47676

    In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway Syzbot reports a UAF in hugetlb_fault(). This happens because vmf_anon_prepare() could drop the per-VMA lock and allow the current...

    Affected Products : linux_kernel
    • Published: Oct. 21, 2024
    • Modified: Oct. 22, 2024
  • 0.0

    NONE
    CVE-2024-47675

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the error_free label and frees the array of bpf_uprobe's with...

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 7.6

    CVSS31
    CVE-2024-47328

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Automation By Autonami allows SQL Injection. This issue affects Automation By Autonami: from n/a through 3.1.2....

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 6.5

    CVSS31
    CVE-2024-43945

    Cross-Site Request Forgery (CSRF) vulnerability in Latepoint LatePoint allows Cross Site Request Forgery. This issue affects LatePoint: from n/a through 4.9.91....

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 7.2

    CVSS31
    CVE-2024-8625

    The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 8.8

    CVSS31
    CVE-2024-10202

    Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands....

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 8.8

    CVSS31
    CVE-2024-10201

    Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells....

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 7.5

    CVSS31
    CVE-2024-10200

    Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server....

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
  • 8.8

    CVSS31
    CVE-2024-43689

    Stack-based buffer overflow vulnerability exists in WAB-I1750-PS and WAB-S1167-PS. By processing a specially crafted HTTP request, arbitrary code may be executed....

    Affected Products :
    • Published: Oct. 21, 2024
    • Modified: Oct. 21, 2024
Showing 20 of 525 Results