Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-39960

    In the Linux kernel, the following vulnerability has been resolved: gpiolib: acpi: initialize acpi_gpio_info struct Since commit 7c010d463372 ("gpiolib: acpi: Make sure we fill struct acpi_gpio_info"), uninitialized acpi_gpio_info struct are passed to _... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025

  • 6.1

    MEDIUM
    CVE-2025-27045

    Information disclosure while processing batch command execution in Video driver.... Read more

    Affected Products :
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Information Disclosure

  • 9.8

    CRITICAL
    CVE-2025-10586

    The Community Events plugin for WordPress is vulnerable to SQL Injection via the ‘event_venue’ parameter in all versions up to, and including, 1.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the exis... Read more

    Affected Products : community_events
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-47338

    Memory corruption while processing escape commands from userspace.... Read more

    Affected Products :
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-47341

    memory corruption while processing an image encoding completion event.... Read more

    Affected Products :
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-47351

    Memory corruption while processing user buffers.... Read more

    Affected Products :
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-47354

    Memory corruption while allocating buffers in DSP service.... Read more

    Affected Products :
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-27053

    Memory corruption during PlayReady APP usecase while processing TA commands.... Read more

    Affected Products :
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Memory Corruption

  • 7.2

    HIGH
    CVE-2025-10239

    In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes... Read more

    Affected Products : flowmon
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Misconfiguration

  • 8.8

    HIGH
    CVE-2025-10240

    A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session.... Read more

    Affected Products : flowmon
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 8.8

    HIGH
    CVE-2025-11535

    MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24.... Read more

    Affected Products :
    • Published: Oct. 08, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2025-27048

    Memory corruption while processing camera platform driver IOCTL calls.... Read more

    Affected Products :
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39958

    In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Make attach succeed when the device was surprise removed When a PCI device is removed with surprise hotplug, there may still be attempts to attach the device to the default ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-39955

    In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). syzbot reported the splat below where a socket had tcp_sk(sk)->fastopen_rsk in the TCP_ESTABLISHED state. [0] syzbot reused the... Read more

    Affected Products : linux_kernel
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2025-11522

    The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication Bypass via account takeover in all versions up to, and including, 2.7. This is due to insufficient user validation in the search_and_go_elated_check_facebook_u... Read more

    Affected Products :
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Authentication

  • 8.8

    HIGH
    CVE-2025-6038

    The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is due to the plugin not properly validat... Read more

    Affected Products :
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Authentication

  • 7.8

    HIGH
    CVE-2025-47355

    Memory corruption while invoking remote procedure IOCTL calls.... Read more

    Affected Products :
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-27049

    Transient DOS while processing IOCTL call for image encoding.... Read more

    Affected Products :
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-27041

    Transient DOS while processing video packets received from video firmware.... Read more

    Affected Products :
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Denial of Service

  • 6.5

    MEDIUM
    CVE-2025-10249

    The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attacker... Read more

    Affected Products : slider_revolution
    • Published: Oct. 09, 2025
    • Modified: Oct. 09, 2025
    • Vuln Type: Authorization
Showing 20 of 3969 Results