Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2022-50365

    In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail can have some unexpected side effects if a program uses a helper like BPF_FUNC_skb_pull_data to read partia... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53342

    In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix handling IPv4 routes with nhid Fix handling IPv4 routes referencing a nexthop via its id by replacing calls to fib_info_nh() with fib_info_nhc(). Trying to ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Misconfiguration

  • 8.0

    HIGH
    CVE-2025-23268

    NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may cause an improper input validation issue. A successful exploit of this vulnerability may lead to code execution.... Read more

    Affected Products : triton_inference_server
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2022-50366

    In the Linux kernel, the following vulnerability has been resolved: powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue When value < time_unit, the parameter of ilog2() will be zero and the return value is -1. u64(-1) is too large for shift expone... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53346

    In the Linux kernel, the following vulnerability has been resolved: kernel/fail_function: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To m... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 8.9

    HIGH
    CVE-2024-48851

    Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.A remote code execution is possible due to an improper input validation. This issue affects FLXEON: through 9.3.5.... Read more

    Affected Products :
    • Published: Sep. 18, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2023-53359

    In the Linux kernel, the following vulnerability has been resolved: USB: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simple... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 5.1

    MEDIUM
    CVE-2025-10642

    A vulnerability has been found in wangchenyi1996 chat_forum up to 80bdb92f5b460d36cab36e530a2c618acef5afd2. This impacts an unknown function of the file /q.php. Such manipulation of the argument path leads to cross site scripting. The attack may be launch... Read more

    Affected Products :
    • Published: Sep. 18, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Cross-Site Scripting

  • 0.0

    NA
    CVE-2023-53362

    In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: don't assume child devices are all fsl-mc devices Changes in VFIO caused a pseudo-device to be created as child of fsl-mc devices causing a crash [1] when trying to bind a ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Misconfiguration

  • 9.4

    CRITICAL
    CVE-2025-10205

    Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5. and newer versions... Read more

    Affected Products :
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Cryptography

  • 6.5

    MEDIUM
    CVE-2025-10665

    A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Affected is an unknown function of the file /Profilers/PProfile/COUNT3s3.php. The manipulation of the argument csem leads to sql injection. Remo... Read more

    Affected Products :
    • Published: Sep. 18, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Injection

  • 6.7

    MEDIUM
    CVE-2025-23337

    NVIDIA HGX & DGX GB200, GB300, B300 contain a vulnerability in the HGX Management Controller (HMC) that may allow a malicious actor with administrative access on the BMC to access the HMC as an administrator. A successful exploit of this vulnerability ma... Read more

    Affected Products :
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 0.0

    NA
    CVE-2022-50367

    In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfs_mdt_destroy In alloc_inode, inode_init_always() could return -ENOMEM if security_inode_alloc() fails, which causes inode->i_private uninitialized. Then nilf... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50354

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfd_process_device_init_vm error handling Should only destroy the ib_mem and let process cleanup worker to free the outstanding BOs. Reset the pointer in pdd->qpd struct... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53367

    In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: fix mem leak in capture user mappings This commit fixes a memory leak caused when clearing the user_mappings info when a new context is opened immediately after user_m... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53354

    In the Linux kernel, the following vulnerability has been resolved: skbuff: skb_segment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 ("skbuff: in skb_segment, call zerocopy functions once per nskb") added the call to zero copy... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-59340

    jinjava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Priori to 2.8.1, by using mapper.getTypeFactory().constructFromCanonical(), it is possible to instruct the underlying ObjectMapper to deserialize a... Read more

    Affected Products : jinjava
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Information Disclosure

  • 4.2

    MEDIUM
    CVE-2025-35434

    CISA Thorium does not validate TLS certificates when connecting to Elasticsearch. An unauthenticated attacker with access to a Thorium cluster could impersonate the Elasticsearch service. Fixed in 1.1.2.... Read more

    Affected Products :
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53368

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rb_end_commit() at code: if (RB_WARN_ON(cpu_buffer, !local_read(&cpu_buffer->committing))) WARNING: CPU... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Race Condition

  • 6.4

    MEDIUM
    CVE-2025-9992

    The Ghost Kit – Page Builder Blocks, Motion Effects & Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom JS field in all versions up to, and including, 3.4.3 due to insufficient input sanitization and output escapi... Read more

    Affected Products :
    • Published: Sep. 18, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 4304 Results