Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2023-52681

    In the Linux kernel, the following vulnerability has been resolved: efivarfs: Free s_fs_info on unmount Now that we allocate a s_fs_info struct on fs context creation, we should ensure that we free it again when the superblock goes away.... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Jun. 19, 2025

  • 5.5

    MEDIUM
    CVE-2023-52569

    In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG() after failure to insert delayed dir index item Instead of calling BUG() when we fail to insert a delayed dir index item into the delayed node's tree, we can just rel... Read more

    Affected Products : linux_kernel
    • Published: Mar. 02, 2024
    • Modified: Jun. 19, 2025

  • 0.0

    NA
    CVE-2022-49558

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: double hook unregistration in netns path __nft_release_hooks() is called from pre_netns exit path which unregisters the hooks, then the NETDEV_UNREGISTER event is ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2022-49418

    In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix free of uninitialized nfs4_label on referral lookup. Send along the already-allocated fattr along with nfs4_fs_locations, and drop the memcpy of fattr. We end up growing two... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2022-49412

    In the Linux kernel, the following vulnerability has been resolved: bfq: Avoid merging queues with different parents It can happen that the parent of a bfqq changes between the moment we decide two queues are worth to merge (and set bic->stable_merge_bf... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-49352

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in ext4_handle_inode_extension We got issue as follows: EXT4-fs error (device loop0) in ext4_reserve_inode_write:5741: Out of memory EXT4-fs error (device loop0): ext4... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Memory Corruption

  • 4.7

    MEDIUM
    CVE-2022-49152

    In the Linux kernel, the following vulnerability has been resolved: XArray: Fix xas_create_range() when multi-order entry present If there is already an entry present that is of order >= XA_CHUNK_SHIFT when we call xas_create_range(), xas_create_range()... Read more

    Affected Products : linux_kernel
    • Published: Feb. 26, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Memory Corruption

  • 4.7

    MEDIUM
    CVE-2022-48941

    In the Linux kernel, the following vulnerability has been resolved: ice: fix concurrent reset and removal of VFs Commit c503e63200c6 ("ice: Stop processing VF messages during teardown") introduced a driver state flag, ICE_VF_DEINIT_IN_PROGRESS, which is... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Jun. 19, 2025

  • 5.5

    MEDIUM
    CVE-2022-48935

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unregister flowtable hooks on netns exit Unregister flowtable hooks before they are releases via nf_tables_flowtable_destroy() otherwise hook core reports UAF. BU... Read more

    Affected Products : linux_kernel
    • Published: Aug. 22, 2024
    • Modified: Jun. 19, 2025

  • 5.5

    MEDIUM
    CVE-2022-48849

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bypass tiling flag check in virtual display case (v2) vkms leverages common amdgpu framebuffer creation, and also as it does not support FB modifier, there is no need to che... Read more

    Affected Products : linux_kernel
    • Published: Jul. 16, 2024
    • Modified: Jun. 19, 2025

  • 7.2

    HIGH
    CVE-2025-6007

    A vulnerability, which was classified as critical, was found in kiCode111 like-girl 5.2.0. Affected is an unknown function of the file /admin/CopyadminPost.php. The manipulation of the argument icp/Copyright leads to sql injection. It is possible to launc... Read more

    Affected Products : like-girl
    • Published: Jun. 12, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Injection

  • 7.2

    HIGH
    CVE-2025-6008

    A vulnerability has been found in kiCode111 like-girl 5.2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ImgAddPost.php. The manipulation of the argument imgDatd/imgText/imgUrl leads to sql inje... Read more

    Affected Products : like-girl
    • Published: Jun. 12, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Injection

  • 7.2

    HIGH
    CVE-2025-6009

    A vulnerability was found in kiCode111 like-girl 5.2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ipAddPost.php. The manipulation of the argument bz/ipdz leads to sql injection. The attack may be la... Read more

    Affected Products : like-girl
    • Published: Jun. 12, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-44906

    jhead v3.08 was discovered to contain a heap-use-after-free via the ProcessFile function at jhead.c.... Read more

    Affected Products : jhead
    • Published: May. 30, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-48887

    vLLM, an inference and serving engine for large language models (LLMs), has a Regular Expression Denial of Service (ReDoS) vulnerability in the file `vllm/entrypoints/openai/tool_parsers/pythonic_tool_parser.py` of versions 0.6.4 up to but excluding 0.9.0... Read more

    Affected Products : vllm
    • Published: May. 30, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Denial of Service

  • 7.3

    HIGH
    CVE-2025-45474

    maccms10 v2025.1000.4047 is vulnerable to Server-side request forgery (SSRF) in Email Settings.... Read more

    Affected Products : maccms
    • Published: May. 29, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Server-Side Request Forgery

  • 6.3

    MEDIUM
    CVE-2025-5136

    A vulnerability, which was classified as problematic, was found in Tmall Demo up to 20250505. This affects an unknown part of the file /tmall/order/pay/ of the component Payment Identifier Handler. The manipulation leads to insufficiently random values. I... Read more

    Affected Products : tmall_demo
    • Published: May. 25, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Cryptography

  • 6.3

    MEDIUM
    CVE-2025-32790

    Dify is an open-source LLM app development platform. In versions 0.6.8 and prior, a vulnerability was identified in the DIFY AI where normal users are improperly granted permissions to export APP DSL. The feature in '/export' should only allow administrat... Read more

    Affected Products : dify
    • Published: Apr. 18, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-32795

    Dify is an open-source LLM app development platform. Prior to version 0.6.12, a vulnerability was identified in the DIFY where normal users are improperly granted permissions to edit APP names, descriptions and icons. This access control flaw allows non-a... Read more

    Affected Products : dify
    • Published: Apr. 18, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-29058

    An issue in Qimou CMS v.3.34.0 allows a remote attacker to execute arbitrary code via the upgrade.php component.... Read more

    Affected Products : qimou_cms
    • Published: Apr. 18, 2025
    • Modified: Jun. 19, 2025
    • Vuln Type: Authentication
Showing 20 of 293605 Results