U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database

NVD Dashboard

CVEs Received and Processed

CVEs Received and Processed

Please Wait

CVE Status Count

Please Wait

CVSS Score Spread

Please Wait

CVSS V3 Score Distribution

Severity Number of Vulns

CVSS V2 Score Distribution

Severity Number of Vulns


For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

  • CVE-2025-38673 - In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-framebuffer: Use dma_buf from GEM object instance" This reverts commit cce16fcd7446dcff7480cd9d2b6417075ed81065. The dma_buf field in struct drm_gem_object is n... read CVE-2025-38673
    Published: August 22, 2025; 12:15:42 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2025-38672 - In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-dma: Use dma_buf from GEM object instance" This reverts commit e8afa1557f4f963c9a511bd2c6074a941c308685. The dma_buf field in struct drm_gem_object is not stabl... read CVE-2025-38672
    Published: August 22, 2025; 12:15:42 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2025-38669 - In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-shmem: Use dma_buf from GEM object instance" This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11. The dma_buf field in struct drm_gem_object is not sta... read CVE-2025-38669
    Published: August 22, 2025; 12:15:42 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2025-38667 - In the Linux kernel, the following vulnerability has been resolved: iio: fix potential out-of-bound write The buffer is set to 20 characters. If a caller write more characters, count is truncated to the max available space in "simple_write_to_bu... read CVE-2025-38667
    Published: August 22, 2025; 12:15:42 PM -0400

    V3.1: 7.8 HIGH

  • CVE-2025-38662 - In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365_dai_set_priv Given mt8365_dai_set_priv allocate priv_size space to copy priv_data which means we should pass mt8365_i... read CVE-2025-38662
    Published: August 22, 2025; 12:15:41 PM -0400

    V3.1: 7.8 HIGH

  • CVE-2025-38661 - In the Linux kernel, the following vulnerability has been resolved: platform/x86: alienware-wmi-wmax: Fix `dmi_system_id` array Add missing empty member to `awcc_dmi_table`.
    Published: August 22, 2025; 12:15:41 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2025-38660 - In the Linux kernel, the following vulnerability has been resolved: [ceph] parse_longname(): strrchr() expects NUL-terminated string ... and parse_longname() is not guaranteed that. That's the reason why it uses kmemdup_nul() to build the argum... read CVE-2025-38660
    Published: August 22, 2025; 12:15:41 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2025-38717 - In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcm_unattach() syzbot found a race condition when kcm_unattach(psock) and kcm_release(kcm) are executed at the same time. kcm_unattach() is miss... read CVE-2025-38717
    Published: September 04, 2025; 12:15:41 PM -0400

    V3.1: 4.7 MEDIUM

  • CVE-2025-38716 - In the Linux kernel, the following vulnerability has been resolved: hfs: fix general protection fault in hfs_find_init() The hfs_find_init() method can trigger the crash if tree pointer is NULL: [ 45.746290][ T9787] Oops: general protection f... read CVE-2025-38716
    Published: September 04, 2025; 12:15:41 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2025-38710 - In the Linux kernel, the following vulnerability has been resolved: gfs2: Validate i_depth for exhash directories A fuzzer test introduced corruption that ends up with a depth of 0 in dir_e_read(), causing an undefined shift by 32 at: index =... read CVE-2025-38710
    Published: September 04, 2025; 12:15:40 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2025-38682 - In the Linux kernel, the following vulnerability has been resolved: i2c: core: Fix double-free of fwnode in i2c_unregister_device() Before commit df6d7277e552 ("i2c: core: Do not dereference fwnode in struct device"), i2c_unregister_device() onl... read CVE-2025-38682
    Published: September 04, 2025; 12:15:35 PM -0400

    V3.1: 7.8 HIGH

  • CVE-2025-38678 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject duplicate device on updates A chain/flowtable update with duplicated devices in the same batch is possible. Unfortunately, netdev event path only re... read CVE-2025-38678
    Published: September 03, 2025; 9:15:48 AM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2025-38675 - In the Linux kernel, the following vulnerability has been resolved: xfrm: state: initialize state_ptrs earlier in xfrm_state_find In case of preemption, xfrm_state_look_at will find a different pcpu_id and look up states for that other CPU. If w... read CVE-2025-38675
    Published: August 22, 2025; 12:15:43 PM -0400

    V3.1: 4.7 MEDIUM

  • CVE-2025-38674 - In the Linux kernel, the following vulnerability has been resolved: Revert "drm/prime: Use dma_buf from GEM object instance" This reverts commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8. The dma_buf field in struct drm_gem_object is not stable ... read CVE-2025-38674
    Published: August 22, 2025; 12:15:43 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2025-39753 - In the Linux kernel, the following vulnerability has been resolved: gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops Clears up the warning added in 7ee3647243e5 ("migrate: Remove call to ->writepage") that occurs in various xfstests, causing "s... read CVE-2025-39753
    Published: September 11, 2025; 1:15:39 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2025-38737 - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uninitialised variable Fix smb3_init_transform_rq() to initialise buffer to NULL before calling netfs_alloc_folioq_buffer() as netfs assumes it can append ... read CVE-2025-38737
    Published: September 05, 2025; 2:15:43 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2025-38734 - In the Linux kernel, the following vulnerability has been resolved: net/smc: fix UAF on smcsk after smc_listen_out() BPF CI testing report a UAF issue: [ 16.446633] BUG: kernel NULL pointer dereference, address: 000000000000003 0 [ 16.... read CVE-2025-38734
    Published: September 05, 2025; 2:15:42 PM -0400

    V3.1: 7.8 HIGH

  • CVE-2025-38733 - In the Linux kernel, the following vulnerability has been resolved: s390/mm: Do not map lowcore with identity mapping Since the identity mapping is pinned to address zero the lowcore is always also mapped to address zero, this happens regardless... read CVE-2025-38733
    Published: September 05, 2025; 2:15:42 PM -0400

    V3.1: 5.5 MEDIUM

  • CVE-2025-38731 - In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix vm_bind_ioctl double free bug If the argument check during an array bind fails, the bind_ops are freed twice as seen below. Fix this by setting bind_ops to NULL afte... read CVE-2025-38731
    Published: September 05, 2025; 2:15:42 PM -0400

    V3.1: 7.8 HIGH

  • CVE-2025-38730 - In the Linux kernel, the following vulnerability has been resolved: io_uring/net: commit partial buffers on retry Ring provided buffers are potentially only valid within the single execution context in which they were acquired. io_uring deals wi... read CVE-2025-38730
    Published: September 04, 2025; 12:15:43 PM -0400

    V3.1: 7.8 HIGH