Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2022-50551

    In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() This patch fixes a shift-out-of-bounds in brcmfmac that occurs in BIT(chiprev) when a 'chiprev' provided by... Read more

    Affected Products : linux_kernel
    • Published: Oct. 07, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50549

    In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata Following concurrent processes: P1(drop cache) P2(kworker) drop_caches_sysctl_handler... Read more

    Affected Products : linux_kernel
    • Published: Oct. 07, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2022-50533

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mlme: fix null-ptr deref on failed assoc If association to an AP without a link 0 fails, then we crash in tracing because it assumes that either ap_mld_addr or link 0 BS... Read more

    Affected Products : linux_kernel
    • Published: Oct. 07, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50526

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix memory corruption with too many bridges Add the missing sanity check on the bridge counter to avoid corrupting data beyond the fixed-sized bridge array in case there are... Read more

    Affected Products : linux_kernel
    • Published: Oct. 07, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50517

    In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: do not clobber swp_entry_t during THP split The following has been observed when running stressng mmap since commit b653db77350c ("mm: Clear page->private when splitting... Read more

    Affected Products : linux_kernel
    • Published: Oct. 07, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50516

    In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sb_lvbptr I experience issues when putting a lkbsb on the stack and have sb_lvbptr field to a dangled pointer while not using DLM_LKF_VALBLK. It will c... Read more

    Affected Products : linux_kernel
    • Published: Oct. 07, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Memory Corruption

  • 3.6

    LOW
    CVE-2025-61984

    ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansio... Read more

    Affected Products : openssh
    • Published: Oct. 06, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Authentication

  • 6.5

    MEDIUM
    CVE-2025-61766

    Bucket is a MediaWiki extension to store and retrieve structured data on articles. Prior to version 1.0.0, infinite recursion can occur if a user queries a bucket using the `!=` comparator. This will result in PHP's call stack limit exceeding, and/or incr... Read more

    Affected Products :
    • Published: Oct. 06, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Denial of Service

  • 9.1

    CRITICAL
    CVE-2025-57247

    The BATBToken smart contract (address 0xfbf1388408670c02f0dbbb74251d8ded1d63b7a2, Compiler Version v0.8.26+commit.8a97fa7a) contains incorrect access control implementation in whitelist management functions. The setColdWhiteList() and setSpecialAddress() ... Read more

    Affected Products :
    • Published: Oct. 06, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Authorization

  • 8.5

    HIGH
    CVE-2025-36355

    IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow a locally authenticated user to execute malicious scripts from outside of its control sphere.... Read more

    • Published: Oct. 06, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.3

    HIGH
    CVE-2025-36354

    IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11.0.0.0 through 11.0.1.0 could allow an unauthenticated user to execute arbitrary commands with lower user privileges on the system due to improper validat... Read more

    • Published: Oct. 06, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Injection

  • 6.5

    MEDIUM
    CVE-2025-61224

    Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian'[56.1] allows a remote attacker to execute arbitrary code via the q parameter... Read more

    Affected Products :
    • Published: Oct. 06, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.6

    CRITICAL
    CVE-2025-59159

    SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.13.4, the web user interface for SillyTavern is s... Read more

    Affected Products :
    • Published: Oct. 06, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Misconfiguration

  • 9.3

    CRITICAL
    CVE-2025-52472

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 4.3-milestone-1 and prior to versions 16.10.9, 17.4.2, and 17.5.0, the REST search URL is vulnerable to HQL injection via the `ord... Read more

    Affected Products : xwiki
    • Published: Oct. 06, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2023-53638

    In the Linux kernel, the following vulnerability has been resolved: octeon_ep: cancel queued works in probe error path If it fails to get the devices's MAC address, octep_probe exits while leaving the delayed work intr_poll_task queued. When the work la... Read more

    Affected Products : linux_kernel
    • Published: Oct. 07, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53635

    In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix wrong ct->timeout value (struct nf_conn)->timeout is an interval before the conntrack confirmed. After confirmed, it becomes a timestamp. It is observed that... Read more

    Affected Products : linux_kernel
    • Published: Oct. 07, 2025
    • Modified: Oct. 08, 2025

  • 0.0

    NA
    CVE-2023-53639

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: reduce WARN to dev_dbg() in callback The warn is triggered on a known race condition, documented in the code above the test, that is correctly handled. Using WARN() hinde... Read more

    Affected Products : linux_kernel
    • Published: Oct. 07, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53636

    In the Linux kernel, the following vulnerability has been resolved: clk: microchip: fix potential UAF in auxdev release callback Similar to commit 1c11289b34ab ("peci: cpu: Fix use-after-free in adev_release()"), the auxiliary device is not torn down in... Read more

    Affected Products : linux_kernel
    • Published: Oct. 07, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53633

    In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix a leak in map_user_pages() If get_user_pages_fast() allocates some pages but not as many as we wanted, then the current code leaks those pages. Call put_page() on the p... Read more

    Affected Products : linux_kernel
    • Published: Oct. 07, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53626

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible double unlock when moving a directory... Read more

    Affected Products : linux_kernel
    • Published: Oct. 07, 2025
    • Modified: Oct. 08, 2025
    • Vuln Type: Race Condition
Showing 20 of 3810 Results