Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2022-48714

    In the Linux kernel, the following vulnerability has been resolved: bpf: Use VM_MAP instead of VM_ALLOC for ringbuf After commit 2fd3fb0be1d1 ("kasan, vmalloc: unpoison VM_ALLOC pages after mapping"), non-VM_ALLOC mappings will be marked as accessible i... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2022-48713

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fix crash with stop filters in single-range mode Add a check for !buf->single before calling pt_buffer_region_size in a place where a missing check can cause a kernel... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Sep. 17, 2025

  • 7.8

    HIGH
    CVE-2022-48712

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix error handling in ext4_fc_record_modified_inode() Current code does not fully takes care of krealloc() error case, which could lead to silent memory corruption or a kernel bug... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2022-48711

    In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipc_mon_rcv() allows a node to receive and process domain_record structs from peer nodes to track their views of... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2021-47618

    In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly ... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Sep. 17, 2025

  • 4.7

    MEDIUM
    CVE-2024-38613

    In the Linux kernel, the following vulnerability has been resolved: m68k: Fix spinlock race in kernel thread creation Context switching does take care to retain the correct lock owner across the switch from 'prev' to 'next' tasks. This does rely on int... Read more

    Affected Products : linux_kernel
    • Published: Jun. 19, 2024
    • Modified: Sep. 17, 2025

  • 7.8

    HIGH
    CVE-2024-38610

    In the Linux kernel, the following vulnerability has been resolved: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() Patch series "mm: follow_pte() improvements and acrn follow_pte() fixes". Patch #1 fixes a bunch of issues I spotted in th... Read more

    Affected Products : linux_kernel
    • Published: Jun. 19, 2024
    • Modified: Sep. 17, 2025

  • 7.1

    HIGH
    CVE-2024-37078

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential kernel bug due to lack of writeback flag waiting Destructive writes to a block device on which nilfs2 is mounted can cause a kernel bug in the folio/page writeback... Read more

    Affected Products : linux_kernel
    • Published: Jun. 25, 2024
    • Modified: Sep. 17, 2025

  • 4.7

    MEDIUM
    CVE-2024-32936

    In the Linux kernel, the following vulnerability has been resolved: media: ti: j721e-csi2rx: Fix races while restarting DMA After the frame is submitted to DMA, it may happen that the submitted list is not updated soon enough, and the DMA callback is tr... Read more

    Affected Products : linux_kernel
    • Published: Jun. 24, 2024
    • Modified: Sep. 17, 2025

  • 7.1

    HIGH
    CVE-2024-34777

    In the Linux kernel, the following vulnerability has been resolved: dma-mapping: benchmark: fix node id validation While validating node ids in map_benchmark_ioctl(), node_possible() may be provided with invalid argument outside of [0,MAX_NUMNODES-1] ra... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Sep. 17, 2025

  • 9.8

    CRITICAL
    CVE-2025-10473

    A security flaw has been discovered in yangzongzhuan RuoYi up to 4.8.1. This impacts the function filterKeyword of the file /com/ruoyi/common/utils/sql/SqlUtil.java of the component Blacklist Handler. The manipulation results in sql injection. The attack ... Read more

    Affected Products : ruoyi
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2024-38637

    In the Linux kernel, the following vulnerability has been resolved: greybus: lights: check return of get_channel_from_mode If channel for the given node is not found we return null from get_channel_from_mode. Make sure we validate the return pointer bef... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Sep. 17, 2025

  • 7.1

    HIGH
    CVE-2024-38635

    In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completel... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-38622

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add callback function pointer check before its call In dpu_core_irq_callback_handler() callback function pointer is compared to NULL, but then callback function is uncondit... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Sep. 17, 2025

  • 7.1

    HIGH
    CVE-2024-38621

    In the Linux kernel, the following vulnerability has been resolved: media: stk1160: fix bounds checking in stk1160_copy_video() The subtract in this condition is reversed. The ->length is the length of the buffer. The ->bytesused is how many bytes we ... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Sep. 17, 2025

  • 9.8

    CRITICAL
    CVE-2025-10405

    A vulnerability was determined in itsourcecode Baptism Information Management System 1.0. Affected is an unknown function of the file /listbaptism.php. This manipulation of the argument bapt_id causes sql injection. It is possible to initiate the attack r... Read more

    • Published: Sep. 14, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-10407

    A vulnerability was identified in SourceCodester Student Grading System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_user.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the a... Read more

    Affected Products : student_grading_system
    • Published: Sep. 14, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2024-37356

    In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). In dctcp_update_alpha(), we use a module parameter dctcp_shift_g as follows: alpha -= min_not_zero(alpha, alpha >> dctcp_shift_g... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Sep. 17, 2025

  • 8.8

    HIGH
    CVE-2025-10408

    A security flaw has been discovered in SourceCodester Student Grading System 1.0. Affected by this issue is some unknown functionality of the file /edit_user.php. Performing manipulation of the argument ID results in sql injection. The attack can be initi... Read more

    Affected Products : student_grading_system
    • Published: Sep. 14, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-10409

    A weakness has been identified in SourceCodester Student Grading System 1.0. This affects an unknown part of the file /rms.php?page=users. Executing manipulation of the argument fname can lead to sql injection. The attack can be launched remotely. The exp... Read more

    Affected Products : student_grading_system
    • Published: Sep. 14, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection
Showing 20 of 294447 Results