Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-37883

    In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Add check for get_zeroed_page() Add check for the return value of get_zeroed_page() in sclp_console_init() to prevent null pointer dereference. Furthermore, to solve the memo... Read more

    Affected Products : linux_kernel
    • Published: May. 09, 2025
    • Modified: May. 12, 2025

  • 0.0

    NA
    CVE-2025-37895

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix error handling path in bnxt_init_chip() WARN_ON() is triggered in __flush_work() if bnxt_init_chip() fails because we call cancel_work_sync() on dim work that has not been ... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 21, 2025

  • 0.0

    NA
    CVE-2025-37948

    In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. O... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: Jun. 27, 2025

  • 0.0

    NA
    CVE-2025-37899

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind t... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 24, 2025

  • 0.0

    NA
    CVE-2025-37956

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent rename with empty string Client can send empty newname string to ksmbd server. It will cause a kernel oops from d_alloc. This patch return the error when attempting to re... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 21, 2025

  • 0.0

    NA
    CVE-2025-37968

    In the Linux kernel, the following vulnerability has been resolved: iio: light: opt3001: fix deadlock due to concurrent flag access The threaded IRQ function in this driver is reading the flag twice: once to lock a mutex and once to unlock it. Even thou... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 22, 2025

  • 0.0

    NA
    CVE-2025-37881

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() The variable d->name, returned by devm_kasprintf(), could be NULL. A pointer check is added to prevent potential NULL ... Read more

    Affected Products : linux_kernel
    • Published: May. 09, 2025
    • Modified: May. 12, 2025

  • 0.0

    NA
    CVE-2025-37889

    In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Consistently treat platform_max as control value This reverts commit 9bdd10d57a88 ("ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min"), and makes some additional... Read more

    Affected Products : linux_kernel
    • Published: May. 09, 2025
    • Modified: May. 12, 2025

  • 0.0

    NA
    CVE-2025-37936

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value. When generating the MSR_IA32_PEBS_ENABLE value that will be loaded on VM-Entry to a KVM guest, mask the value w... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 21, 2025

  • 0.0

    NA
    CVE-2025-37917

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll Use spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock and spin_unlock in mtk_star_emac driver t... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 21, 2025

  • 0.0

    NA
    CVE-2025-37879

    In the Linux kernel, the following vulnerability has been resolved: 9p/net: fix improper handling of bogus negative read/write replies In p9_client_write() and p9_client_read_once(), if the server incorrectly replies with success but a negative write/re... Read more

    Affected Products : linux_kernel
    • Published: May. 09, 2025
    • Modified: May. 12, 2025

  • 0.0

    NA
    CVE-2025-37896

    In the Linux kernel, the following vulnerability has been resolved: spi: spi-mem: Add fix to avoid divide error For some SPI flash memory operations, dummy bytes are not mandatory. For example, in Winbond SPINAND flash memory devices, the `write_cache` ... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 21, 2025

  • 0.0

    NA
    CVE-2025-37937

    In the Linux kernel, the following vulnerability has been resolved: objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() If dib8000_set_dds()'s call to dib8000_read32() returns zero, the result is a divide-by-zero. Prevent that from hap... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 21, 2025

  • 0.0

    NA
    CVE-2025-37890

    In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc class has a netem child qdisc. The crux... Read more

    Affected Products : linux_kernel
    • Published: May. 16, 2025
    • Modified: Jun. 04, 2025

  • 0.0

    NA
    CVE-2025-37878

    In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init Move the get_ctx(child_ctx) call and the child_event->ctx assignment to occur immediately after the child event is alloca... Read more

    Affected Products : linux_kernel
    • Published: May. 09, 2025
    • Modified: May. 12, 2025

  • 0.0

    NA
    CVE-2025-37951

    In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Add job to pending list if the reset was skipped When a CL/CSD job times out, we check if the GPU has made any progress since the last timeout. If so, instead of resetting the ... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 21, 2025

  • 0.0

    NA
    CVE-2025-37866

    In the Linux kernel, the following vulnerability has been resolved: mlxbf-bootctl: use sysfs_emit_at() in secure_boot_fuse_state_show() A warning is seen when running the latest kernel on a BlueField SOC: [251.512704] ------------[ cut here ]-----------... Read more

    Affected Products : linux_kernel
    • Published: May. 09, 2025
    • Modified: May. 12, 2025

  • 0.0

    NA
    CVE-2025-37875

    In the Linux kernel, the following vulnerability has been resolved: igc: fix PTM cycle trigger logic Writing to clear the PTM status 'valid' bit while the PTM cycle is triggered results in unreliable PTM operation. To fix this, clear the PTM 'trigger' a... Read more

    Affected Products : linux_kernel
    • Published: May. 09, 2025
    • Modified: May. 12, 2025

  • 0.0

    NA
    CVE-2025-37953

    In the Linux kernel, the following vulnerability has been resolved: sch_htb: make htb_deactivate() idempotent Alan reported a NULL pointer dereference in htb_next_rb_node() after we made htb_qlen_notify() idempotent. It turns out in the following case ... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: Jun. 04, 2025

  • 0.0

    NA
    CVE-2025-37874

    In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbe_probe() error path When ngbe_sw_init() is called, memory is allocated for wx->rss_key in wx_init_rss_key(). However, in ngbe_probe() function, the sub... Read more

    Affected Products : linux_kernel
    • Published: May. 09, 2025
    • Modified: May. 12, 2025
Showing 20 of 291150 Results