CVE Database

37767+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2022-49170
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on curseg->alloc_type As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215657 …

Feb 26, 2025
CVE-2022-49168
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit fails The submit helper will always …

Feb 26, 2025
CVE-2022-49163
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: fix a bug of accessing array out of bounds When error occurs in …

Feb 26, 2025
CVE-2022-49145
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Avoid out of bounds access when parsing _CPC data If the NumEntries field …

Feb 26, 2025
CVE-2022-49136
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set hci_cmd_sync_queue shall return an error if …

Feb 26, 2025
CVE-2022-49129
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix crash when startup fails. If the nic fails to start, it is …

Feb 26, 2025
CVE-2022-49127
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: ref_tracker: implement use-after-free detection Whenever ref_tracker_dir_init() is called, mark the struct ref_tracker_dir as dead. Test …

Feb 26, 2025
CVE-2022-49114
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix use after free in fc_exch_abts_resp() fc_exch_release(ep) will decrease the ep's reference count. …

Feb 26, 2025
CVE-2022-49111
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hci_send_acl This fixes the following trace caused by receiving …

Feb 26, 2025
CVE-2022-49094
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decrypt_internal The memory size of tls_ctx->rx.iv for AES128-CCM is 12 …

Feb 26, 2025
CVE-2022-49093
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for page_pool fragment recycling Fix a use-after-free when using page_pool with page …

Feb 26, 2025
CVE-2022-49087
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix a race in rxrpc_exit_net() Current code can lead to the following race: CPU0 …

Feb 26, 2025
CVE-2022-49085
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in get_initial_state In get_initial_state, it calls notify_initial_state_done(skb,..) if …

Feb 26, 2025
CVE-2022-49082
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove() The function mpt3sas_transport_port_remove() called in _scsih_expander_node_remove() frees …

Feb 26, 2025
CVE-2022-49078
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've either …

Feb 26, 2025
CVE-2022-49076
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix use-after-free bug for mm struct Under certain conditions, such as MPI_Abort, the hfi1 …

Feb 26, 2025
CVE-2022-49073
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: ata: sata_dwc_460ex: Fix crash due to OOB write the driver uses libata's "tag" values from …

Feb 26, 2025
CVE-2022-49063
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: ice: arfs: fix use-after-free when freeing @rx_cpu_rmap The CI testing bots triggered the following splat: …

Feb 26, 2025
CVE-2022-49062
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of-bounds in cachefiles_set_volume_xattr Use the actual length of volume coherency data when …

Feb 26, 2025
CVE-2022-49059
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flush_workqueue to prevent uaf Our detector found a concurrent use-after-free bug when …

Feb 26, 2025
CVE-2022-49058
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error: __memcpy() …

Feb 26, 2025
CVE-2022-49053
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmu: Fix possible page UAF tcmu_try_get_data_page() looks up pages under cmdr_lock, but it …

Feb 26, 2025
CVE-2022-49047
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix UAF in ep93xx_clk_register_gate() arch/arm/mach-ep93xx/clock.c:154:2: warning: Use of memory after it is freed …

Feb 26, 2025
CVE-2022-49044
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: dm integrity: fix memory corruption when tag_size is less than digest size It is possible …

Feb 26, 2025
CVE-2021-47656
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix use-after-free in jffs2_clear_xattr_subsystem When we mount a jffs2 image, assume that the first …

Feb 26, 2025
CVE-2021-47653
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: media: davinci: vpif: fix use-after-free on driver unbind The driver allocates and registers two platform …

Feb 26, 2025
CVE-2021-47646
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges"" A crash [1] happened to be triggered …

Feb 26, 2025
CVE-2021-47642
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow Coverity complains of a possible buffer …

Feb 26, 2025
CVE-2021-47640
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix early region not updated correctly The shadow's page table is not updated when …

Feb 26, 2025
CVE-2021-47639
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Zap _all_ roots when unmapping gfn range in TDP MMU Zap both valid …

Feb 26, 2025
CVE-2021-47636
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() Function ubifs_wbuf_write_nolock() may access buf out of bounds in …

Feb 26, 2025
CVE-2021-47634
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl Hulk Robot reported a KASAN report about …

Feb 26, 2025
CVE-2021-47633
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 The bug was found during fuzzing. Stacktrace locates it in …

Feb 26, 2025
CVE-2025-25515
8.8 HIGH

Seacms <=13.3 is vulnerable to SQL Injection in admin_collect.php that allows an authenticated attacker to exploit the database.

Feb 25, 2025
CVE-2025-0514
7.8 HIGH

Improper Input Validation vulnerability in The Document Foundation LibreOffice allows Windows Executable hyperlink targets to be executed unconditionally on activation.This issue affects LibreOffice: from 24.8 …

Feb 25, 2025
CVE-2025-27148
8.8 HIGH

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can be …

Feb 25, 2025
CVE-2024-0148
7.6 HIGH

NVIDIA Jetson Linux and IGX OS image contains a vulnerability in the UEFI firmware RCM boot mode, where an unprivileged attacker with physical access to …

Feb 25, 2025
CVE-2025-27142
8.8 HIGH

LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an …

Feb 25, 2025
CVE-2025-27110
7.5 HIGH

Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying …

Feb 25, 2025
CVE-2024-45421
8.5 HIGH

Buffer overflow in some Zoom Apps may allow an authenticated user to conduct an escalation of privilege via network access.

Feb 25, 2025
CVE-2024-36259
7.5 HIGH

Improper access control in mail module of Odoo Community 17.0 and Odoo Enterprise 17.0 allows remote authenticated attackers to extract sensitive information via an oracle-based …

Feb 25, 2025
CVE-2025-23046
7.5 HIGH

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.18, if a "Mail servers" authentication provider …

Feb 25, 2025
CVE-2024-12368
8.1 HIGH

Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuth tokens of …

Feb 25, 2025
CVE-2025-1068
7.3 HIGH

There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to …

Feb 25, 2025
CVE-2025-1067
7.3 HIGH

There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a low privileged attacker with write privileges to …

Feb 25, 2025
CVE-2025-26601
7.8 HIGH

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, …

Feb 25, 2025
CVE-2025-26600
7.8 HIGH

A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while …

Feb 25, 2025
CVE-2025-26599
7.8 HIGH

An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. …

Feb 25, 2025
CVE-2025-26598
7.8 HIGH

An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns …

Feb 25, 2025
CVE-2025-26597
7.8 HIGH

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table …

Feb 25, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.