Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2025-6005

    A vulnerability classified as critical was found in kiCode111 like-girl 5.2.0. This vulnerability affects unknown code of the file /admin/aboutPost.php. The manipulation of the argument title/aboutimg/info1/info2/info3/btn1/btn2/infox1/infox2/infox3/infox... Read more

    Affected Products : like-girl
    • Published: Jun. 12, 2025
    • Modified: Jun. 20, 2025
    • Vuln Type: Injection

  • 7.2

    HIGH
    CVE-2025-6006

    A vulnerability, which was classified as critical, has been found in kiCode111 like-girl 5.2.0. This issue affects some unknown processing of the file /admin/ImgUpdaPost.php. The manipulation of the argument id/imgText/imgDatd/imgUrl leads to sql injectio... Read more

    Affected Products : like-girl
    • Published: Jun. 12, 2025
    • Modified: Jun. 20, 2025
    • Vuln Type: Injection

  • 5.1

    MEDIUM
    CVE-2025-5138

    A vulnerability was found in Bitwarden up to 2.25.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. The attack can be launc... Read more

    Affected Products :
    • Published: May. 25, 2025
    • Modified: Jun. 20, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.8

    HIGH
    CVE-2023-25719

    ConnectWise Control before 22.9.10032 (formerly known as ScreenConnect) fails to validate user-supplied parameters such as the Bin/ConnectWiseControl.Client.exe h parameter. This results in reflected data and injection of malicious code into a downloaded ... Read more

    Affected Products : control
    • Published: Feb. 13, 2023
    • Modified: Jun. 19, 2025

  • 9.8

    CRITICAL
    CVE-2023-25718

    In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (differen... Read more

    Affected Products : control
    • Published: Feb. 13, 2023
    • Modified: Jun. 19, 2025

  • 0.0

    NA
    CVE-2024-58077

    In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback commit 1f5664351410 ("ASoC: lower "no backend DAIs enabled for ... Port" log severity") ignores -EINVAL error message on comm... Read more

    Affected Products : linux_kernel
    • Published: Mar. 06, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2024-56694

    In the Linux kernel, the following vulnerability has been resolved: bpf: fix recursive lock when verdict program return SK_PASS When the stream_verdict program returns SK_PASS, it places the received skb into its own receive queue, but a recursive lock ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 28, 2024
    • Modified: Jun. 19, 2025

  • 7.8

    HIGH
    CVE-2024-46852

    In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VM_DONTEXPAND was added in commit 1c1914d6e8c6 ("dma-buf: heaps: Don't track CMA dma-buf pages under RssFile") it was poss... Read more

    Affected Products : linux_kernel
    • Published: Sep. 27, 2024
    • Modified: Jun. 19, 2025

  • 5.5

    MEDIUM
    CVE-2024-45025

    In the Linux kernel, the following vulnerability has been resolved: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE copy_fd_bitmaps(new, old, count) is expected to copy the first count/BITS_PER_LONG bits from old->full_fds_bits[] and fil... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2024
    • Modified: Jun. 19, 2025

  • 5.5

    MEDIUM
    CVE-2024-43911

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, link_data/link_conf are dynamically allocated. They don't point to vif->bss_conf. So, the... Read more

    Affected Products : linux_kernel
    • Published: Aug. 26, 2024
    • Modified: Jun. 19, 2025

  • 3.3

    LOW
    CVE-2024-43845

    In the Linux kernel, the following vulnerability has been resolved: udf: Fix bogus checksum computation in udf_rename() Syzbot reports uninitialized memory access in udf_rename() when updating checksum of '..' directory entry of a moved directory. This ... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Jun. 19, 2025

  • 5.5

    MEDIUM
    CVE-2024-43835

    In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix napi_skb_cache_put warning After the commit bdacf3e34945 ("net: Use nested-BH locking for napi_alloc_cache.") was merged, the following warning began to appear: WARNI... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Jun. 19, 2025

  • 5.5

    MEDIUM
    CVE-2024-36288

    In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination condition in gss_free_in_token_pages() The in_token->pages[] array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-m... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Jun. 19, 2025

  • 5.5

    MEDIUM
    CVE-2024-35927

    In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling In drm_kms_helper_poll_disable() check if output polling support is initialized before disabling polling. If not flag this as a wa... Read more

    Affected Products : linux_kernel
    • Published: May. 19, 2024
    • Modified: Jun. 19, 2025

  • 0.0

    NA
    CVE-2024-27410

    In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't yet in mesh mode, at the same time as changing it into mes... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Jun. 19, 2025

  • 5.5

    MEDIUM
    CVE-2024-26829

    In the Linux kernel, the following vulnerability has been resolved: media: ir_toy: fix a memleak in irtoy_tx When irtoy_command fails, buf should be freed since it is allocated by irtoy_tx, or there is a memleak.... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2024
    • Modified: Jun. 19, 2025

  • 5.5

    MEDIUM
    CVE-2024-26774

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt Determine if bb_fragments is 0 instead of determining bb_free to eliminate the risk of dividing by z... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Jun. 19, 2025

  • 5.5

    MEDIUM
    CVE-2024-26710

    In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usage, to the point that it was reported to lead to stack overflow on some 32-bit machines (see l... Read more

    Affected Products : linux_kernel
    • Published: Apr. 03, 2024
    • Modified: Jun. 19, 2025

  • 7.8

    HIGH
    CVE-2023-52921

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() Since the gang_size check is outside of chunk parsing loop, we need to reset i before we free the chunk data. Suggested by Ye Zhang (@... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Jun. 19, 2025

  • 7.8

    HIGH
    CVE-2023-52760

    In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2_qd_dealloc In gfs2_put_super(), whether withdrawn or not, the quota should be cleaned up by gfs2_quota_cleanup(). Otherwise, struct gfs2_sbd will ... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Jun. 19, 2025
Showing 20 of 293605 Results