Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-37945

    In the Linux kernel, the following vulnerability has been resolved: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY DSA has 2 kinds of drivers: 1. Those who call dsa_switch_suspend() and dsa_switch_resume() from ... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38004

    In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcm_op runtime updates The CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can b... Read more

    Affected Products : linux_kernel
    • Published: Jun. 08, 2025
    • Modified: Jun. 09, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38058

    In the Linux kernel, the following vulnerability has been resolved: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock ... or we risk stealing final mntput from sync umount - raising mnt_count after umount(2) has verified that vict... Read more

    Affected Products : linux_kernel
    • Published: Jun. 18, 2025
    • Modified: Jun. 18, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38043

    In the Linux kernel, the following vulnerability has been resolved: firmware: arm_ffa: Set dma_mask for ffa devices Set dma_mask for FFA devices, otherwise DMA allocation using the device pointer lead to following warning: WARNING: CPU: 1 PID: 1 at ker... Read more

    Affected Products : linux_kernel
    • Published: Jun. 18, 2025
    • Modified: Jun. 18, 2025

  • 0.0

    NA
    CVE-2025-38022

    In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 ... Read more

    Affected Products : linux_kernel
    • Published: Jun. 18, 2025
    • Modified: Jun. 18, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38006

    In the Linux kernel, the following vulnerability has been resolved: net: mctp: Don't access ifa_index when missing In mctp_dump_addrinfo, ifa_index can be used to filter interfaces, but only when the struct ifaddrmsg is provided. Otherwise it will be co... Read more

    Affected Products : linux_kernel
    • Published: Jun. 18, 2025
    • Modified: Jun. 18, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-21738

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated buffer reveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len set to 0xd42, SCSI command set to ATA... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-21719

    In the Linux kernel, the following vulnerability has been resolved: ipmr: do not call mr_mfc_uses_dev() for unres entries syzbot found that calling mr_mfc_uses_dev() for unres entries would crash [1], because c->mfc_un.res.minvif / c->mfc_un.res.maxvif ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-37930

    In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() Nouveau is mostly designed in a way that it's expected that fences only ever get signaled through nouveau_fence_signal(). Howeve... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: Jun. 04, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-37993

    In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_class_allocate_dev(): initialize spin lock on device probe The spin lock tx_handling_spinlock in struct m_can_classdev is not being initialized. This leads the followi... Read more

    Affected Products : linux_kernel
    • Published: May. 29, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-37998

    In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fix unsafe attribute parsing in output_userspace() This patch replaces the manual Netlink attribute iteration in output_userspace() with nla_for_each_nested(), which ensure... Read more

    Affected Products : linux_kernel
    • Published: May. 29, 2025
    • Modified: Aug. 09, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-21654

    In the Linux kernel, the following vulnerability has been resolved: ovl: support encoding fid from inode with no alias Dmitry Safonov reported that a WARN_ON() assertion can be trigered by userspace when calling inotify_show_fdinfo() for an overlayfs wa... Read more

    Affected Products : linux_kernel
    • Published: Jan. 19, 2025
    • Modified: Jan. 24, 2025
    • Vuln Type: Information Disclosure

  • 0.0

    NA
    CVE-2025-21832

    In the Linux kernel, the following vulnerability has been resolved: block: don't revert iter for -EIOCBQUEUED blkdev_read_iter() has a few odd checks, like gating the position and count adjustment on whether or not the result is bigger-than-or-equal to ... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Mar. 06, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-37975

    In the Linux kernel, the following vulnerability has been resolved: riscv: module: Fix out-of-bounds relocation access The current code allows rel[j] to access one element past the end of the relocation section. Simplify to num_relocations which is equi... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-21648

    In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_n... Read more

    Affected Products : linux_kernel
    • Published: Jan. 19, 2025
    • Modified: Feb. 02, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-37938

    In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%*p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event ... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-21720

    In the Linux kernel, the following vulnerability has been resolved: xfrm: delete intermediate secpath entry in packet offload mode Packets handled by hardware have added secpath as a way to inform XFRM core code that this path was already handled. That ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-37966

    In the Linux kernel, the following vulnerability has been resolved: riscv: Fix kernel crash due to PR_SET_TAGGED_ADDR_CTRL When userspace does PR_SET_TAGGED_ADDR_CTRL, but Supm extension is not available, the kernel crashes: Oops - illegal instruction ... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-21643

    In the Linux kernel, the following vulnerability has been resolved: netfs: Fix kernel async DIO Netfslib needs to be able to handle kernel-initiated asynchronous DIO that is supplied with a bio_vec[] array. Currently, because of the async flag, this ge... Read more

    Affected Products : linux_kernel
    • Published: Jan. 19, 2025
    • Modified: Jan. 19, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-37947

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent out-of-bounds stream writes by validating *pos ksmbd_vfs_stream_write() did not validate whether the write offset (*pos) was within the bounds of the existing stream data... Read more

    Affected Products : linux_kernel
    • Published: May. 20, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 294344 Results