Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-38676

    In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of "acpiid" if the... Read more

    Affected Products : linux_kernel
    • Published: Aug. 26, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38671

    In the Linux kernel, the following vulnerability has been resolved: i2c: qup: jump out of the loop in case of timeout Original logic only sets the return value but doesn't jump out of the loop if the bus is kept active by a client. This is not expected.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-38652

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $((1024*1024*1024)) \ /mnt/f2fs/012345678... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NONE
    CVE-2025-3773

    A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder.... Read more

    Affected Products :
    • Published: Jun. 26, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Information Disclosure

  • 0.0

    NONE
    CVE-2025-3722

    A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesyst... Read more

    Affected Products :
    • Published: Jun. 26, 2025
    • Modified: Jun. 26, 2025
    • Vuln Type: Path Traversal

  • 0.0

    NA
    CVE-2023-53053

    In the Linux kernel, the following vulnerability has been resolved: erspan: do not use skb_mac_header() in ndo_start_xmit() Drivers should not assume skb_mac_header(skb) == skb->data in their ndo_start_xmit(). Use skb_network_offset() and skb_transport... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53103

    In the Linux kernel, the following vulnerability has been resolved: bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails syzbot reported a warning[1] where the bond device itself is a slave and we try to enslave a non-ethernet device as... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53115

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix memory leaks in mpi3mr_init_ioc() Don't allocate memory again when IOC is being reinitialized.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025

  • 0.0

    NA
    CVE-2025-38487

    In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: # echo 1e789080.lpc-snoop > /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ..... Read more

    Affected Products : linux_kernel
    • Published: Jul. 28, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38650

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: remove mutex_lock check in hfsplus_free_extents Syzbot reported an issue in hfsplus filesystem: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 4400 at fs/hfsplus/ex... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38623

    In the Linux kernel, the following vulnerability has been resolved: PCI: pnv_php: Fix surprise plug detection and recovery The existing PowerNV hotplug code did not handle surprise plug events correctly, leading to a complete failure of the hotplug syst... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38677

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in dnode page As Jiaming Zhang reported: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x1c1/0x2a0 lib/dump_stack.c:120 ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 30, 2025
    • Modified: Sep. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38618

    In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDR_PORT_ANY It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can cause a use-after-free when a connection is made to the bound socket. ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38481

    In the Linux kernel, the following vulnerability has been resolved: comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large The handling of the `COMEDI_INSNLIST` ioctl allocates a kernel buffer to hold the array of `struct comedi_insn`, getting the l... Read more

    Affected Products : linux_kernel
    • Published: Jul. 28, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-38617

    In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38609

    In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Check governor before using governor->name Commit 96ffcdf239de ("PM / devfreq: Remove redundant governor_name from struct devfreq") removes governor_name and uses governor... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38602

    In the Linux kernel, the following vulnerability has been resolved: iwlwifi: Add missing check for alloc_ordered_workqueue Add check for the return value of alloc_ordered_workqueue since it may return NULL pointer.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38495

    In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 28, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38491

    In the Linux kernel, the following vulnerability has been resolved: mptcp: make fallback action and fallback decision atomic Syzkaller reported the following splat: WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 __mptcp_do_fallback net/mptcp/... Read more

    Affected Products : linux_kernel
    • Published: Jul. 28, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38583

    In the Linux kernel, the following vulnerability has been resolved: clk: xilinx: vcu: unregister pll_post only if registered correctly If registration of pll_post is failed, it will be set to NULL or ERR, unregistering same will fail with following call... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2025
    • Modified: Aug. 28, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 293625 Results