Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-38422

    In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices Maximum OTP and EEPROM size for hearthstone PCI1xxxx devices are 8 Kb and 64 Kb respectively. Adjust max size definitio... Read more

    Affected Products : linux_kernel
    • Published: Jul. 25, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38669

    In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-shmem: Use dma_buf from GEM object instance" This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11. The dma_buf field in struct drm_gem_object is not stable over... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38461

    In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport_* TOCTOU Transport assignment may race with module unload. Protect new_transport from becoming a stale pointer. This also takes care of an insecure call in vsock_u... Read more

    Affected Products : linux_kernel
    • Published: Jul. 25, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38667

    In the Linux kernel, the following vulnerability has been resolved: iio: fix potential out-of-bound write The buffer is set to 20 characters. If a caller write more characters, count is truncated to the max available space in "simple_write_to_buffer". T... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38376

    In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: - USB gadget is enabled as Ethernet - T... Read more

    Affected Products : linux_kernel
    • Published: Jul. 25, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38584

    In the Linux kernel, the following vulnerability has been resolved: padata: Fix pd UAF once and for all There is a race condition/UAF in padata_reorder that goes back to the initial commit. A reference count is taken at the start of the process in pada... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38528

    In the Linux kernel, the following vulnerability has been resolved: bpf: Reject %p% format string in bprintf-like helpers static const char fmt[] = "%p%"; bpf_trace_printk(fmt, sizeof(fmt)); The above BPF program isn't rejected and causes a kernel ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 16, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38525

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix irq-disabled in local_bh_enable() The rxrpc_assess_MTU_size() function calls down into the IP layer to find out the MTU size for a route. When accepting an incoming call, th... Read more

    Affected Products : linux_kernel
    • Published: Aug. 16, 2025
    • Modified: Aug. 18, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38413

    In the Linux kernel, the following vulnerability has been resolved: virtio-net: xsk: rx: fix the frame's length check When calling buf_to_xdp, the len argument is the frame data's length without virtio header's length (vi->hdr_len). We check that len wi... Read more

    Affected Products : linux_kernel
    • Published: Jul. 25, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38633

    In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: mark K1 pll1_d8 as critical The pll1_d8 clock is enabled by the boot loader, and is ultimately a parent for numerous clocks, including those used by APB and AXI buses. Gu... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-38393

    In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFS_LAYOUT_DRAIN bit ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 25, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38580

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode use after free in ext4_end_io_rsv_work() In ext4_io_end_defer_completion(), check if io_end->list_vec is empty to avoid adding an io_end that requires no conversion to t... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 20, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-23138

    In the Linux kernel, the following vulnerability has been resolved: watch_queue: fix pipe accounting mismatch Currently, watch_queue_set_size() modifies the pipe buffers charged to user->pipe_bufs without updating the pipe->nr_accounted on the pipe itse... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: Apr. 17, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38545

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skb_shared_info While transitioning from netdev_alloc_ip_align() to build_skb(), memory for the "skb_shared_info" membe... Read more

    Affected Products : linux_kernel
    • Published: Aug. 16, 2025
    • Modified: Aug. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38647

    In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: sar: drop lockdep assertion in rtw89_set_sar_from_acpi The following assertion is triggered on the rtw89 driver startup. It looks meaningless to hold wiphy lock on the earl... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-23156

    In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi_parser: refactor hfi packet parsing logic words_count denotes the number of words in total payload, while data points to payload of various property within it. When wo... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-21817

    In the Linux kernel, the following vulnerability has been resolved: block: mark GFP_NOIO around sysfs ->store() sysfs ->store is called with queue freezed, meantime we have several ->store() callbacks(update_nr_requests, wbt, scheduler) to allocate memo... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025

  • 0.0

    NA
    CVE-2025-38658

    In the Linux kernel, the following vulnerability has been resolved: nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails Have nvmet_req_init() and req->execute() complete failed commands. Description of the problem: nvmet_req_init()... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-23158

    In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and video firmware. Firmware can modify this value to an invalid large ... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38380

    In the Linux kernel, the following vulnerability has been resolved: i2c/designware: Fix an initialization issue The i2c_dw_xfer_init() function requires msgs and msg_write_idx from the dev context to be initialized. amd_i2c_dw_xfer_quirk() inits msgs a... Read more

    Affected Products : linux_kernel
    • Published: Jul. 25, 2025
    • Modified: Jul. 25, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 293354 Results