Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-38587

    In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible infinite loop in fib6_info_uses_dev() fib6_info_uses_dev() seems to rely on RCU without an explicit protection. Like the prior fix in rt6_nlmsg_size(), we need to ma... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38582

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix double destruction of rsv_qp rsv_qp may be double destroyed in error flow, first in free_mr_init(), and then in hns_roce_exit(). Fix it by moving the free_mr_init() call i... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38591

    In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = *(u8 *)(r1 + 169); exit; With poi... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38614

    In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EP_MAX_NESTS+1 links. Currently, ep_loop_check_proc() ensures that the graph is l... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-38589

    In the Linux kernel, the following vulnerability has been resolved: neighbour: Fix null-ptr-deref in neigh_flush_dev(). kernel test robot reported null-ptr-deref in neigh_flush_dev(). [0] The cited commit introduced per-netdev neighbour list and conver... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38560

    In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change t... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38571

    In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tls_alert_recv due to its assumption that there is valid data in the msghdr's iterato... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38556

    In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quan... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-38573

    In the Linux kernel, the following vulnerability has been resolved: spi: cs42l43: Property entry should be a null-terminated array The software node does not specify a count of property entries, so the array must be null-terminated. When unterminated, ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38581

    In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix crash when rebind ccp device for ccp.ko When CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding the ccp device causes the following crash: $ echo '0000:0a:00.2' > /s... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38602

    In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Add missing check for alloc_ordered_workqueue Add check for the return value of alloc_ordered_workqueue since it may return NULL pointer.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2024-29291

    An issue in Laravel Framework 8 through 11 might allow a remote attacker to discover database credentials in storage/logs/laravel.log. NOTE: this is disputed by multiple third parties because the owner of a Laravel Framework installation can choose to hav... Read more

    Affected Products : framework
    • Published: Apr. 16, 2024
    • Modified: Nov. 21, 2024

  • 0.0

    NONE
    CVE-2024-32037

    GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch software in use. This information is valuable from a securit... Read more

    Affected Products :
    • Published: Feb. 11, 2025
    • Modified: Feb. 11, 2025
    • Vuln Type: Information Disclosure

  • 0.0

    NONE
    CVE-2024-51736

    Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named `cmd.exe` is located in the current working directory it will be called by the `Process` class when preparing c... Read more

    Affected Products : symfony
    • Published: Nov. 06, 2024
    • Modified: Nov. 08, 2024

  • 0.0

    NONE
    CVE-2024-50356

    Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). The password could be reset by anyone who have access to the mail inbox circumventing the 2FA. Even though they wouldn'... Read more

    Affected Products :
    • Published: Oct. 31, 2024
    • Modified: Nov. 01, 2024

  • 0.0

    NA
    CVE-2025-38390

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf ("firmware: arm_ffa: Add interfaces to request notification callbacks") adds support for notifie... Read more

    Affected Products : linux_kernel
    • Published: Jul. 25, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2021-47533

    In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Clear the HVS FIFO commit pointer once done Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a wait on the previous commit done... Read more

    Affected Products : linux_kernel
    • Published: May. 24, 2024
    • Modified: Nov. 21, 2024

  • 0.0

    NA
    CVE-2025-21827

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface() The documentation for usb_driver_claim_interface() says that "the device lock" is needed when the function is call... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 06, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2021-47446

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/a4xx: fix error handling in a4xx_gpu_init() This code returns 1 on error instead of a negative error. It leads to an Oops in the caller. A second problem is that the check for... Read more

    Affected Products : linux_kernel
    • Published: May. 22, 2024
    • Modified: Nov. 21, 2024

  • 0.0

    NA
    CVE-2021-47395

    In the Linux kernel, the following vulnerability has been resolved: mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap Limit max values for vht mcs and nss in ieee80211_parse_tx_radiotap routine in order to fix the following warning rep... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Nov. 21, 2024
Showing 20 of 291205 Results