Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.7

    MEDIUM
    CVE-2024-27408

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller reg... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-27406

    In the Linux kernel, the following vulnerability has been resolved: lib/Kconfig.debug: TEST_IOV_ITER depends on MMU Trying to run the iov_iter unit test on a nommu system such as the qemu kc705-nommu emulation results in a crash. KTAP version 1 ... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 18, 2025

  • 8.6

    HIGH
    CVE-2025-58760

    Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The `/image` API endpoint in Tautulli v2.15.3 and earlier is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application serve... Read more

    Affected Products : tautulli
    • Published: Sep. 09, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Path Traversal

  • 4.7

    MEDIUM
    CVE-2024-27404

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remote_id Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE annotations.... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-27403

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_flow_offload: reset dst in route object after setting up flow dst is transferred to the flow object, route object does not own it anymore. Reset dst in route object, oth... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 18, 2025

  • 5.8

    MEDIUM
    CVE-2024-27402

    In the Linux kernel, the following vulnerability has been resolved: phonet/pep: fix racy skb_queue_empty() use The receive queues are protected by their respective spin-lock, not the socket lock. This could lead to skb_peek() unexpectedly returning NULL... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2023-52658

    In the Linux kernel, the following vulnerability has been resolved: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" This reverts commit 662404b24a4c4d839839ed25e3097571f5938b9b. The revert is required due to the suspicion it is no... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 18, 2025

  • 8.6

    HIGH
    CVE-2025-58761

    Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The `real_pms_image_proxy` endpoint in Tautulli v2.15.3 and prior is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the applicati... Read more

    Affected Products : tautulli
    • Published: Sep. 09, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Path Traversal

  • 7.0

    HIGH
    CVE-2024-27397

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set back... Read more

    Affected Products : linux_kernel
    • Published: May. 14, 2024
    • Modified: Sep. 18, 2025

  • 10.0

    CRITICAL
    CVE-2024-13151

    Authorization Bypass Through User-Controlled SQL Primary Key, CWE - 89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Logo Software Diva allows SQL Injection, CAPEC - 7 - Blind SQL Injection.This is... Read more

    Affected Products :
    • Published: Sep. 18, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2023-52655

    In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0 and sizeof(u64) the value passed to skb_trim() as length will wrap around ending up as ... Read more

    Affected Products : linux_kernel
    • Published: May. 14, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2023-52657

    In the Linux kernel, the following vulnerability has been resolved: Revert "drm/amd/pm: resolve reboot exception for si oland" This reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This causes hangs on SI when DC is enabled and errors on driver... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2022-48699

    In the Linux kernel, the following vulnerability has been resolved: sched/debug: fix dentry leak in update_sched_domain_debugfs Kuyo reports that the pattern of using debugfs_remove(debugfs_lookup()) leaks a dentry and with a hotplug stress test, the ma... Read more

    Affected Products : linux_kernel
    • Published: May. 03, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2022-48690

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters. During reallocation of RX buffers, new DMA mappings are created for those buffers. New buffers with different RX ... Read more

    Affected Products : linux_kernel
    • Published: May. 03, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2022-48704

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: add a force flush to delay work when radeon Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lo... Read more

    Affected Products : linux_kernel
    • Published: May. 03, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2022-48705

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix crash in chip reset fail In case of drv own fail in reset, we may need to run mac_reset several times. The sequence would trigger system crash as the log below.... Read more

    Affected Products : linux_kernel
    • Published: May. 03, 2024
    • Modified: Sep. 18, 2025

  • 4.7

    MEDIUM
    CVE-2023-52654

    In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: disable sending io_uring over sockets File reference cycles have caused lots of problems for io_uring in the past, and it still doesn't work exactly right and races wi... Read more

    Affected Products : linux_kernel
    • Published: May. 14, 2024
    • Modified: Sep. 18, 2025

  • 9.1

    CRITICAL
    CVE-2025-58762

    Tautulli is a Python based monitoring and tracking tool for Plex Media Server. In Tautulli v2.15.3 and earlier, an attacker with administrative access can use the `pms_image_proxy` endpoint to write arbitrary python scripts into the application filesystem... Read more

    Affected Products : tautulli
    • Published: Sep. 09, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2024-27066

    In the Linux kernel, the following vulnerability has been resolved: virtio: packed: fix unmap leak for indirect desc table When use_dma_api and premapped are true, then the do_unmap is false. Because the do_unmap is false, vring_unmap_extra_packed is n... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-27067

    In the Linux kernel, the following vulnerability has been resolved: xen/evtchn: avoid WARN() when unbinding an event channel When unbinding a user event channel, the related handler might be called a last time in case the kernel was built with CONFIG_DE... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Sep. 18, 2025
Showing 20 of 294701 Results