Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2025-10595

    A vulnerability has been found in SourceCodester Online Student File Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/delete_user.php. The manipulation of the argument user_id leads to sql injection. The attac... Read more

    Affected Products :
    • Published: Sep. 17, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2024-39491

    In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance The cs_dsp instance is initialized in the driver probe() so it should be freed in the driver remove(). Also fix a missing call to cs_... Read more

    Affected Products : linux_kernel
    • Published: Jul. 10, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-39488

    In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY When CONFIG_DEBUG_BUGVERBOSE=n, we fail to add necessary padding bytes to bug_table entries, and as a result the last entry in a b... Read more

    Affected Products : linux_kernel
    • Published: Jul. 10, 2024
    • Modified: Sep. 17, 2025

  • 7.5

    HIGH
    CVE-2024-0097

    NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an improper privilege management issue by exploiting interprocess communication between different processes. A successful exploit of this vulnerability might lead to... Read more

    Affected Products : windows chatrtx
    • Published: May. 14, 2024
    • Modified: Sep. 17, 2025

  • 7.5

    HIGH
    CVE-2024-0096

    NVIDIA ChatRTX for Windows contains a vulnerability in Chat RTX UI, where a user can cause an improper privilege management issue by sending user inputs to change execution flow. A successful exploit of this vulnerability might lead to information disclos... Read more

    Affected Products : windows chatrtx
    • Published: May. 14, 2024
    • Modified: Sep. 17, 2025

  • 5.3

    MEDIUM
    CVE-2025-58752

    Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, any HTML files on the machine were served regardless of the `server.fs` settings. Only apps that explicitly expose the Vite dev server to the network (... Read more

    Affected Products : vite
    • Published: Sep. 08, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Misconfiguration

  • 7.1

    HIGH
    CVE-2024-39467

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode() syzbot reports a kernel bug as below: F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 ==================... Read more

    Affected Products : linux_kernel
    • Published: Jun. 25, 2024
    • Modified: Sep. 17, 2025

  • 4.7

    MEDIUM
    CVE-2024-39296

    In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 ("bonding: remove redundant NULL check in debugfs function"). Here are the relevant functio... Read more

    Affected Products : linux_kernel
    • Published: Jun. 25, 2024
    • Modified: Sep. 17, 2025

  • 4.7

    MEDIUM
    CVE-2024-39293

    In the Linux kernel, the following vulnerability has been resolved: Revert "xsk: Support redirect to any socket bound to the same umem" This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db. This patch introduced a potential kernel crash when mu... Read more

    Affected Products : linux_kernel
    • Published: Jun. 25, 2024
    • Modified: Sep. 17, 2025

  • 4.7

    MEDIUM
    CVE-2024-38306

    In the Linux kernel, the following vulnerability has been resolved: btrfs: protect folio::private when attaching extent buffer folios [BUG] Since v6.8 there are rare kernel crashes reported by various people, the common factor is bad page status error m... Read more

    Affected Products : linux_kernel
    • Published: Jun. 25, 2024
    • Modified: Sep. 17, 2025

  • 8.7

    HIGH
    CVE-2025-7970

    A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compr... Read more

    Affected Products : factorytalk_activation_manager
    • Published: Sep. 09, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Cryptography

  • 4.7

    MEDIUM
    CVE-2024-37354

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe(): BTRFS critical (device vdb): slot ... Read more

    Affected Products : linux_kernel
    • Published: Jun. 25, 2024
    • Modified: Sep. 17, 2025

  • 7.1

    HIGH
    CVE-2025-8007

    A security issue exists in the protected mode of 1756-EN4TR and 1756-EN2TR communication modules, where a Concurrent Forward Close operation can trigger a Major Non-Recoverable (MNFR) fault. This condition may lead to unexpected system crashes and loss of... Read more

    • Published: Sep. 09, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2024-40921

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state Pass the already obtained vlan group pointer to br_mst_vlan_set_state() instead of dereferencing it again. Each calle... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 7.1

    HIGH
    CVE-2025-8008

    A security issue exists in the protected mode of EN4TR devices, where sending specifically crafted messages during a Forward Close operation can cause the device to crash.... Read more

    • Published: Sep. 09, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2024-40920

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state I converted br_mst_set_state to RCU to avoid a vlan use-after-free but forgot to change the vlan group dereference helper.... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 6.3

    MEDIUM
    CVE-2024-40918

    In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had problems with random segmentation faults for many years. Syst... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-40915

    In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context __kernel_map_pages() is a debug function which clears the valid bit in page table entry for deallocated pages to d... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 7.8

    HIGH
    CVE-2024-40913

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: defer exposing anon_fd until after copy_to_user() succeeds After installing the anonymous fd, we can now see it in userland and close it. However, at this point we may not h... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 7.8

    HIGH
    CVE-2024-40900

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: remove requests from xarray during flushing requests Even with CACHEFILES_DEAD set, we can still read the requests, so in the following concurrency the request may be used a... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025
Showing 20 of 294423 Results