U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

NOTICE UPDATED - April, 25th 2024

NIST has updated the NVD program announcement page with additional information regarding recent concerns and the temporary delays in enrichment efforts.


The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity
  • CVE-2024-35997 - In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up The flag I2C_HID_READ_PENDING is used to serialize I2C operations. However, this is not necessary, because I2C ... read CVE-2024-35997
    Published: May 20, 2024; 6:15:13 AM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2023-52827 - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats() len is extracted from HTT message and could be an unexpected value in case errors happen, so add val... read CVE-2023-52827
    Published: May 21, 2024; 12:15:20 PM -0400

    V3.1: 7.1 HIGH

  • CVE-2023-52821 - In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatile_panel_get_modes(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointe... read CVE-2023-52821
    Published: May 21, 2024; 12:15:20 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2023-52817 - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal n... read CVE-2023-52817
    Published: May 21, 2024; 12:15:19 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2023-52815 - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vkms: fix a possible null pointer dereference In amdgpu_vkms_conn_get_modes(), the return value of drm_cvt_mode() is assigned to mode, which will lead to a NULL point... read CVE-2023-52815
    Published: May 21, 2024; 12:15:19 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2023-52814 - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential null pointer derefernce The amdgpu_ras_get_context may return NULL if device not support ras feature, so add check before using.
    Published: May 21, 2024; 12:15:19 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2023-52809 - In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() fc_lport_ptp_setup() did not check the return value of fc_rport_create() which can return NULL and wo... read CVE-2023-52809
    Published: May 21, 2024; 12:15:19 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2023-52806 - In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix possible null-ptr-deref when assigning a stream While AudioDSP drivers assign streams exclusively of HOST or LINK type, nothing blocks a user to attempt to assign... read CVE-2023-52806
    Published: May 21, 2024; 12:15:18 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2023-52802 - In the Linux kernel, the following vulnerability has been resolved: iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe() of_match_device() may fail and returns a NULL pointer. In practice there is no known reasonable way ... read CVE-2023-52802
    Published: May 21, 2024; 12:15:18 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2023-52783 - In the Linux kernel, the following vulnerability has been resolved: net: wangxun: fix kernel panic due to null pointer When the device uses a custom subsystem vendor ID, the function wx_sw_init() returns before the memory of 'wx->mac_table' is a... read CVE-2023-52783
    Published: May 21, 2024; 12:15:17 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2023-52773 - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() When ddc_service_construct() is called, it explicitly checks both the link type and whether there is some... read CVE-2023-52773
    Published: May 21, 2024; 12:15:16 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2023-52772 - In the Linux kernel, the following vulnerability has been resolved: af_unix: fix use-after-free in unix_stream_read_actor() syzbot reported the following crash [1] After releasing unix socket lock, u->oob_skb can be changed by another thread. W... read CVE-2023-52772
    Published: May 21, 2024; 12:15:16 PM -0400

    V3.1: 7.8 HIGH

  • CVE-2023-52769 - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix htt mlo-offset event locking The ath12k active pdevs are protected by RCU but the htt mlo-offset event handling code calling ath12k_mac_get_ar_by_pdev_id() was... read CVE-2023-52769
    Published: May 21, 2024; 12:15:16 PM -0400

    V3.1: 7.8 HIGH

  • CVE-2023-52760 - In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc In gfs2_put_super(), whether withdrawn or not, the quota should be cleaned up by gfs2_quota_cleanup(). Otherwise, struct gfs2_s... read CVE-2023-52760
    Published: May 21, 2024; 12:15:15 PM -0400

    V3.1: 7.8 HIGH

  • CVE-2023-52753 - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference of timing generator [Why & How] Check whether assigned timing generator is NULL or not before accessing its funcs to prevent NULL derefer... read CVE-2023-52753
    Published: May 21, 2024; 12:15:14 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2023-52752 - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip SMB sessions that are being teared down (e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_sh... read CVE-2023-52752
    Published: May 21, 2024; 12:15:14 PM -0400

    V3.1: 7.8 HIGH

  • CVE-2024-36008 - In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in ip_route_use_hint() syzbot was able to trigger a NULL deref in fib_validate_source() in an old tree [1]. It appears the bug exists in latest trees.... read CVE-2024-36008
    Published: May 20, 2024; 6:15:14 AM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-35990 - In the Linux kernel, the following vulnerability has been resolved: dma: xilinx_dpdma: Fix locking There are several places where either chan->lock or chan->vchan.lock was not held. Add appropriate locking. This fixes lockdep warnings like [ ... read CVE-2024-35990
    Published: May 20, 2024; 6:15:13 AM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-35984 - In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer dereference Baruch reported an OOPS when using the designware controller as target only. Target-only modes break the assumption of one tran... read CVE-2024-35984
    Published: May 20, 2024; 6:15:12 AM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2024-35982 - In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loop trying to resize local TT If the MTU of one of an attached interface becomes too small to transmit the local translation table then it must be re... read CVE-2024-35982
    Published: May 20, 2024; 6:15:12 AM -0400

    V3.1: 5.5 MEDIUM

Created September 20, 2022 , Updated April 25, 2024