Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NONE
    CVE-2025-37809

    In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Fix NULL pointer access Concurrent calls to typec_partner_unlink_device can lead to a NULL pointer dereference. This patch adds a mutex to protect USB device pointers... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-37814

    In the Linux kernel, the following vulnerability has been resolved: tty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT This requirement was overeagerly loosened in commit 2f83e38a095f ("tty: Permit some TIOCL_SETSEL modes without CAP_SYS_... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-37811

    In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: ci_hdrc_imx: fix usbmisc handling usbmisc is an optional device property so it is totally valid for the corresponding data->usbmisc_data to have a NULL value. Check that... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-37822

    In the Linux kernel, the following vulnerability has been resolved: riscv: uprobes: Add missing fence.i after building the XOL buffer The XOL (execute out-of-line) buffer is used to single-step the replaced instruction(s) for uprobes. The RISC-V port wa... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-37817

    In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleon_parse_gdd() In chameleon_parse_gdd(), if mcb_device_register() fails, 'mdev' would be released in mcb_device_register() via put_device(). Thus, g... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-37826

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer() Add a NULL check for the returned hwq pointer by ufshcd_mcq_req_to_hwq(). This is similar to the fix in commit 74... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-37827

    In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: return EIO on RAID1 block group write pointer mismatch There was a bug report about a NULL pointer dereference in __btrfs_add_free_space_zoned() that ultimately happens be... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-37831

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. apple_soc_cpufr... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-37834

    In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: don't try to reclaim hwpoison folio Syzkaller reports a bug as follows: Injecting memory failure for pfn 0x18b00e at process virtual address 0x20ffd000 Memory failure: 0x18b... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-37821

    In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Fix se->slice being set to U64_MAX and resulting crash There is a code path in dequeue_entities() that can set the slice of a sched_entity to U64_MAX, which sometimes resul... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-37824

    In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() syzbot reported: tipc: Node number set to 1055423674 Oops: general protection fault, probably for non-canonical address 0xd... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-37825

    In the Linux kernel, the following vulnerability has been resolved: nvmet: fix out-of-bounds access in nvmet_enable_port When trying to enable a port that has no transport configured yet, nvmet_enable_port() uses NVMF_TRTYPE_MAX (255) to query the trans... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-37833

    In the Linux kernel, the following vulnerability has been resolved: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads Fix niu_try_msix() to not cause a fatal trap on sparc systems. Set PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on th... Read more

    Affected Products : linux_kernel
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-1254

    Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers, Overflow Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.0.0 before 6.1... Read more

    Affected Products : connext_professional
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-40846

    Improper Input Validation, the returnUrl parameter in Account Security Settings lacks proper input validation, allowing attackers to redirect users to malicious websites (Open Redirect) and inject JavaScript code to perform cross site scripting attack. T... Read more

    Affected Products :
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-1252

    Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 4.4 before 6.1.2.23.... Read more

    Affected Products : connext_professional
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-1253

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.... Read more

    Affected Products : connext_professional
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-3759

    Endpoint /cgi-bin-igd/netcore_set.cgi which is used for changing device configuration is accessible without authentication. This poses a significant security threat allowing for e.g: administrator account hijacking or AP password changing. The vendor was ... Read more

    Affected Products :
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 0.0

    NONE
    CVE-2025-3758

    WF2220 exposes endpoint /cgi-bin-igd/netcore_get.cgi that returns configuration of the device to unauthorized users. Returned configuration includes cleartext password. The vendor was contacted early about this disclosure but did not respond in any way.... Read more

    Affected Products :
    • Published: May. 08, 2025
    • Modified: May. 08, 2025

  • 8.2

    CVSS31
    CVE-2025-41450

    Improper Authentication vulnerability in Danfoss AKSM8xxA Series.This issue affects Danfoss AK-SM 8xxA Series prior to version 4.2... Read more

    Affected Products :
    • Published: May. 08, 2025
    • Modified: May. 08, 2025
Showing 20 of 462 Results
© cvefeed.io
Latest DB Update: May. 09, 2025 13:59