) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.
For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.
Legal Disclaimer:
Here is where you can read the NVD legal disclaimer.
-
CVE-2022-50524 - In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Check return value after calling platform_get_resource() platform_get_resource() may return NULL pointer, we need check its return value to avoid null-ptr-deref ... read CVE-2022-50524
Published: October 07, 2025; 12:15:36 PM -0400V3.1: 5.5 MEDIUM
-
CVE-2023-53612 - In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Simplify platform device handling Coretemp's platform driver is unconventional. All the real work is done globally by the initcall and CPU hotplug notifiers, w... read CVE-2023-53612
Published: October 04, 2025; 12:15:57 PM -0400V3.1: 5.5 MEDIUM
-
CVE-2023-53609 - In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: core: Do not increase scsi_device's iorequest_cnt if dispatch failed" The "atomic_inc(&cmd->device->iorequest_cnt)" in scsi_queue_rq() would cause kernel pan... read CVE-2023-53609
Published: October 04, 2025; 12:15:57 PM -0400V3.1: 5.5 MEDIUM
-
CVE-2023-53610 - In the Linux kernel, the following vulnerability has been resolved: irqchip: Fix refcount leak in platform_irqchip_probe of_irq_find_parent() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed any... read CVE-2023-53610
Published: October 04, 2025; 12:15:57 PM -0400V3.1: 5.5 MEDIUM
-
CVE-2023-53611 - In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid... read CVE-2023-53611
Published: October 04, 2025; 12:15:57 PM -0400V3.1: 5.5 MEDIUM
-
CVE-2022-50404 - In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: release buffer when fbcon_do_set_font() failed syzbot is reporting memory leak at fbcon_do_set_font() [1], for commit a5a923038d70 ("fbdev: fbcon: Properly revert ... read CVE-2022-50404
Published: September 18, 2025; 12:15:43 PM -0400V3.1: 5.5 MEDIUM
-
CVE-2023-53392 - In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix kernel panic during warm reset During warm reset device->fw_client is set to NULL. If a bus driver is registered after this NULL setting and before new f... read CVE-2023-53392
Published: September 18, 2025; 10:15:42 AM -0400V3.1: 7.1 HIGH
-
CVE-2022-50390 - In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UB... read CVE-2022-50390
Published: September 18, 2025; 10:15:37 AM -0400V3.1: 5.5 MEDIUM
-
CVE-2023-53232 - In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data The MT7921 driver no longer uses eeprom.data, but the relevant code has not been removed completely since com... read CVE-2023-53232
Published: September 15, 2025; 11:15:50 AM -0400V3.1: 7.1 HIGH
-
CVE-2023-53301 - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix kernel crash due to null io->bio We should return when io->bio is null before doing anything. Otherwise, panic. BUG: kernel NULL pointer dereference, address: 0000000... read CVE-2023-53301
Published: September 16, 2025; 4:15:39 AM -0400V3.1: 7.1 HIGH
-
CVE-2025-39763 - In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered If a synchronous error is detected as a result of user-space process triggering a 2-bit uncorre... read CVE-2025-39763
Published: September 11, 2025; 1:15:40 PM -0400V3.1: 5.5 MEDIUM
-
CVE-2025-39737 - In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() A soft lockup warning was observed on a relative small system x86-64 system with 16 GB of memory when running a debug k... read CVE-2025-39737
Published: September 11, 2025; 1:15:35 PM -0400V3.1: 5.5 MEDIUM
-
CVE-2025-39721 - In the Linux kernel, the following vulnerability has been resolved: crypto: qat - flush misc workqueue during device shutdown Repeated loading and unloading of a device specific QAT driver, for example qat_4xxx, in a tight loop can lead to a cra... read CVE-2025-39721
Published: September 05, 2025; 2:15:49 PM -0400V3.1: 5.5 MEDIUM
-
CVE-2025-39687 - In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that ultimately user space can read, ensure we zero it.
Published: September 05, 2025; 2:15:45 PM -0400V3.1: 7.1 HIGH
-
CVE-2025-39702 - In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this.
Published: September 05, 2025; 2:15:47 PM -0400V3.1: 7.0 HIGH
-
CVE-2026-27661 - A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application leaks confidential information in metadata, and files such as information on contributors and email address, on `SSM Server`.
Published: March 10, 2026; 2:18:44 PM -0400V3.1: 4.3 MEDIUM
-
CVE-2025-39682 - In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rx_list Each recvmsg() call must process either - only contiguous DATA records (any number of them) - one non-DATA record If t... read CVE-2025-39682
Published: September 05, 2025; 2:15:44 PM -0400V3.1: 7.1 HIGH
-
CVE-2025-38718 - In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctp_rcv A cloned head skb still shares these frag skbs in fraglist with the original head skb. It's not safe to access these frag skbs. s... read CVE-2025-38718
Published: September 04, 2025; 12:15:41 PM -0400V3.1: 7.8 HIGH
-
CVE-2026-30930 - Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, The TimescaleDB export module constructs SQL queries using string concatenation with unsanitized system monitoring data. The normalize() method wraps string values in... read CVE-2026-30930
Published: March 10, 2026; 2:18:52 PM -0400V3.1: 9.8 CRITICAL
-
CVE-2025-38715 - In the Linux kernel, the following vulnerability has been resolved: hfs: fix slab-out-of-bounds in hfs_bnode_read() This patch introduces is_bnode_offset_valid() method that checks the requested offset value. Also, it introduces check_and_correc... read CVE-2025-38715
Published: September 04, 2025; 12:15:40 PM -0400V3.1: 7.1 HIGH