Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2023-53132

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove() Free mpi3mr_hba_port at .remove.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53113

    In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix NULL-ptr deref in offchan check If, e.g. in AP mode, the link was already created by userspace but not activated yet, it has a chandef but the chandef isn't valid and... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53128

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix throttle_groups memory leak Add a missing kfree().... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2024-11615

    The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.0 via the 'zetra_deleteLanguageFile' and 'zetra_deleteFontsFile' functions. This is due to the plugin not properly validating a file o... Read more

    Affected Products :
    • Published: May. 05, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Path Traversal

  • 0.0

    NA
    CVE-2025-37799

    In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp vmxnet3 driver's XDP handling is buggy for packet sizes using ring0 (that is, packet sizes between 128 - 3k bytes). We notic... Read more

    Affected Products : linux_kernel
    • Published: May. 03, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53118

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a procfs host directory removal regression scsi_proc_hostdir_rm() decreases a reference counter and hence must only be called once per host that is removed. This change ... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025

  • 0.0

    NA
    CVE-2023-53114

    In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during reboot when adapter is in recovery mode If the driver detects during probe that firmware is in recovery mode then i40e_init_recovery_mode() is called and t... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53127

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix expander node leak in mpi3mr_remove() Add a missing resource clean up in .remove.... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53116

    In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmet_req_complete() An nvme target ->queue_response() operation implementation may free the request passed as argument. Such implementation potentially co... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53120

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix config page DMA memory leak A fix for: DMA-API: pci 0000:83:00.0: device driver has pending DMA allocations while released from device [count=1]... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53124

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_a... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53123

    In the Linux kernel, the following vulnerability has been resolved: PCI: s390: Fix use-after-free of PCI resources with per-function hotplug On s390 PCI functions may be hotplugged individually even when they belong to a multi-function device. In partic... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53135

    In the Linux kernel, the following vulnerability has been resolved: riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode When CONFIG_FRAME_POINTER is unset, the stack unwinding function walk_stackframe randomly reads the stack and then, when K... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53139

    In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties devm_kmalloc_array may fails, *fw_vsc_cfg might be null and cause out-of-bounds write in device_prop... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53134

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all the possible concurrent TPA (GRO/LRO) completions on the aggregation ring. On P5 chips, the ... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53140

    In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier Remove the /proc/scsi/${proc_name} directory earlier to fix a race condition between unloading and reloading kernel modu... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53144

    In the Linux kernel, the following vulnerability has been resolved: erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms As the call trace shown, the root cause is kunmap incorrect pages: BUG: kernel NULL pointer dereference, address: 00000000... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53143

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out that issuing this FSMAP call: struct fsmap_head cmd = { .fmh_count = ...; .fmh_keys = {... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53137

    In the Linux kernel, the following vulnerability has been resolved: ext4: Fix possible corruption when moving a directory When we are renaming a directory to a different directory, we need to update '..' entry in the moved directory. However nothing pre... Read more

    Affected Products : linux_kernel
    • Published: May. 02, 2025
    • Modified: May. 05, 2025
    • Vuln Type: Race Condition

  • 9.1

    CRITICAL
    CVE-2025-2905

    An XML External Entity (XXE) vulnerability exists in the gateway component of WSO2 API Manager due to insufficient validation of XML input in crafted URL paths. User-supplied XML is parsed without appropriate restrictions, enabling external entity resolut... Read more

    Affected Products :
    • Published: May. 05, 2025
    • Modified: May. 05, 2025
    • Vuln Type: XML External Entity
Showing 20 of 292720 Results