Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-37761

    In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix an out-of-bounds shift when invalidating TLB When the size of the range invalidated is larger than rounddown_pow_of_two(ULONG_MAX), The function macro roundup_pow_of_two(len... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-49784

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd/uncore: Fix memory leak for events array When a CPU comes online, the per-CPU NB and LLC uncore contexts are freed but not the events array within the context structure. Th... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-49767

    In the Linux kernel, the following vulnerability has been resolved: 9p/trans_fd: always use O_NONBLOCK read/write syzbot is reporting hung task at p9_fd_close() [1], for p9_mux_poll_stop() from p9_conn_destroy() from p9_fd_close() is failing to interru... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025

  • 0.0

    NA
    CVE-2022-49803

    In the Linux kernel, the following vulnerability has been resolved: netdevsim: Fix memory leak of nsim_dev->fa_cookie kmemleak reports this issue: unreferenced object 0xffff8881bac872d0 (size 8): comm "sh", pid 58603, jiffies 4481524462 (age 68.065s)... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-37760

    In the Linux kernel, the following vulnerability has been resolved: mm/vma: add give_up_on_oom option on modify/merge, use in uffd release Currently, if a VMA merge fails due to an OOM condition arising on commit merge or a failure to duplicate anon_vma... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-37750

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 ("smb: client: allocate crypto only for primary server") and commit b0abcd65ec54 ("smb: client: fix UAF in... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-37775

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix the warning from __kernel_write_iter [ 2110.972290] ------------[ cut here ]------------ [ 2110.972301] WARNING: CPU: 3 PID: 735 at fs/read_write.c:599 __kernel_write_iter+0x... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025

  • 0.0

    NA
    CVE-2022-49849

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix match incorrectly in dev_args_match_device syzkaller found a failed assertion: assertion failed: (args->devid != (u64)-1) || args->missing, in fs/btrfs/volumes.c:6921 Thi... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-49780

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() If device_register() fails in tcm_loop_setup_hba_bus(), the name allocated by dev_set_name() need be freed. As... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-49824

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in ata_tlink_add() In ata_tlink_add(), the return value of transport_add_device() is not checked. As a result, it causes null-ptr-deref while r... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-49825

    In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in ata_tport_add() In ata_tport_add(), the return value of transport_add_device() is not checked. As a result, it causes null-ptr-deref while r... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-49836

    In the Linux kernel, the following vulnerability has been resolved: siox: fix possible memory leak in siox_device_add() If device_register() returns error in siox_device_add(), the name allocated by dev_set_name() need be freed. As comment of device_reg... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-23141

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses Acquire a lock on kvm->srcu when userspace is getting MP state to handle a rather extreme edge case where "ac... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-23161

    In the Linux kernel, the following vulnerability has been resolved: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type The access to the PCI config space via pci_ops::read and pci_ops::write is a low-level hardware access. The functions can be acces... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025

  • 4.3

    MEDIUM
    CVE-2025-25016

    Unrestricted file upload in Kibana allows an authenticated attacker to compromise software integrity by uploading a crafted malicious file due to insufficient server-side validation.... Read more

    Affected Products : kibana
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Authentication

  • 0.0

    NA
    CVE-2022-49782

    In the Linux kernel, the following vulnerability has been resolved: perf: Improve missing SIGTRAP checking To catch missing SIGTRAP we employ a WARN in __perf_event_overflow(), which fires if pending_sigtrap was already set: returning to user space with... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2022-49841

    In the Linux kernel, the following vulnerability has been resolved: serial: imx: Add missing .thaw_noirq hook The following warning is seen with non-console UART instance when system hibernates. [ 37.371969] ------------[ cut here ]------------ [ 3... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-23145

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in can_accept_new_subflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcp_can_accept_new_subflow' because subflow_req->msk is NULL. C... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-23245

    NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows a guest to access global resources. A successful exploit of this vulnerability might lead to denial of service.... Read more

    Affected Products :
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-37776

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb_break_all_levII_oplock() There is a room in smb_break_all_levII_oplock that can cause racy issues when unlocking in the middle of the loop. This patch u... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2025
    • Modified: May. 02, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 292725 Results