Latest warnings
| CVE-2025-24294 |
<vuln:Note Title="FAQ" Type="FAQ" Ordinal="10"><p><strong>Is Azure Linux the only Microsoft product that inc
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-40777 |
A possible assertion failure when 'stale-answer-client-timeout' is set to '0'
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38386 |
ACPICA: Refuse to evaluate a method if arguments are missing
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38236 |
af_unix: Don't leave consecutive consumed OOB skbs.
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38105 |
ALSA: usb-audio: Kill timer properly at removal
|
MSRC | 2026‑02‑24 | High |
| CVE-2024-42516 |
Apache HTTP Server: HTTP response splitting
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-53020 |
Apache HTTP Server: HTTP/2 DoS by Memory Increase
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-49630 |
Apache HTTP Server: mod_proxy_http2 denial of service
|
MSRC | 2026‑02‑24 | High |
| CVE-2024-47252 |
Apache HTTP Server: mod_ssl error log variable escaping
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-49812 |
Apache HTTP Server: mod_ssl TLS upgrade attack
|
MSRC | 2026‑02‑24 | High |
| CVE-2024-43204 |
Apache HTTP Server: SSRF with mod_headers setting Content-Type header
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38170 |
arm64/fpsimd: Discard stale CPU state when handling SME traps
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38259 |
ASoC: codecs: wcd9335: Fix missing free of regulator supplies
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38438 |
ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak.
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38459 |
atm: clip: Fix infinite recursive call of clip_push().
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38458 |
atm: clip: Fix NULL pointer dereference in vcc_sendmsg()
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-47988 |
Azure Monitor Agent Remote Code Execution Vulnerability
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38118 |
Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38285 |
bpf: Fix WARN() in get_bpf_raw_tp_regs
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38248 |
bridge: mcast: Fix use-after-free during router port configuration
|
MSRC | 2026‑02‑24 | High |
| CVE-2023-6175 |
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38313 |
bus: fsl-mc: fix double-free on mc_dev
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38429 |
bus: mhi: ep: Update read pointer only after buffer is written
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38147 |
calipso: Don't call calipso functions for AF_INET sk.
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38181 |
calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-49690 |
Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability
|
MSRC | 2026‑02‑24 | High |
| CVE-2024-48916 |
Ceph is vulnerable to authentication bypass through RadosGW
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38160 |
clk: bcm: rpi: Add NULL check in raspberrypi_clk_register()
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38131 |
coresight: prevent deactivate active config while enabling the config
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-47987 |
Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38140 |
dm: limit swapping tables for devices with zone write plugs
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38091 |
drm/amd/display: check stream id dml21 wrapper to get plane_id
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38449 |
drm/gem: Acquire references on GEM handles for framebuffers
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38409 |
drm/msm: Fix another leak in the submit error path
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38363 |
drm/tegra: Fix a possible null pointer dereference
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38349 |
eventpoll: don't decrement ep refcount while still holding the ep mutex
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38206 |
exfat: fix double free in delayed_free
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38198 |
fbcon: Make sure modelist not set on unregistered console
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38312 |
fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38214 |
fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38330 |
firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache)
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38329 |
firmware: cs_dsp: Fix OOB memory read access in KUnit test (wmfw info)
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38338 |
fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio()
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-7345 |
Gdk‑pixbuf: heap‑buffer‑overflow in gdk‑pixbuf
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-53547 |
Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-48816 |
HID Class Driver Elevation of Privilege Vulnerability
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38494 |
HID: core: do not bypass hid_hw_raw_request
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38495 |
HID: core: ensure the allocated report buffer can contain the reserved report ID
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38283 |
hisi_acc_vfio_pci: bugfix live migration function without VF device driver
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38425 |
i2c: tegra: check msg length in SMBUS block read
|
MSRC | 2026‑02‑24 | High |
Page 1