Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.7

    HIGH
    CVE-2025-7970

    A security issue exists within FactoryTalk Activation Manager. An error in the implementation of cryptography within the software could allow attackers to decrypt traffic. This could result in data exposure, session hijacking, or full communication compr... Read more

    Affected Products : factorytalk_activation_manager
    • Published: Sep. 09, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Cryptography

  • 4.7

    MEDIUM
    CVE-2024-37354

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfs_set_item_key_safe(): BTRFS critical (device vdb): slot ... Read more

    Affected Products : linux_kernel
    • Published: Jun. 25, 2024
    • Modified: Sep. 17, 2025

  • 7.1

    HIGH
    CVE-2025-8007

    A security issue exists in the protected mode of 1756-EN4TR and 1756-EN2TR communication modules, where a Concurrent Forward Close operation can trigger a Major Non-Recoverable (MNFR) fault. This condition may lead to unexpected system crashes and loss of... Read more

    • Published: Sep. 09, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2024-40921

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state Pass the already obtained vlan group pointer to br_mst_vlan_set_state() instead of dereferencing it again. Each calle... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 7.1

    HIGH
    CVE-2025-8008

    A security issue exists in the protected mode of EN4TR devices, where sending specifically crafted messages during a Forward Close operation can cause the device to crash.... Read more

    • Published: Sep. 09, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2024-40920

    In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state I converted br_mst_set_state to RCU to avoid a vlan use-after-free but forgot to change the vlan group dereference helper.... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 6.3

    MEDIUM
    CVE-2024-40918

    In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had problems with random segmentation faults for many years. Syst... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-40915

    In the Linux kernel, the following vulnerability has been resolved: riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context __kernel_map_pages() is a debug function which clears the valid bit in page table entry for deallocated pages to d... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 7.8

    HIGH
    CVE-2024-40913

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: defer exposing anon_fd until after copy_to_user() succeeds After installing the anonymous fd, we can now see it in userland and close it. However, at this point we may not h... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 0.0

    NA
    CVE-2025-10597

    A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This vulnerability affects unknown code of the file /Profilers/PriProfile/COUNT2.php. This manipulation of the argument cname causes sql injecti... Read more

    Affected Products :
    • Published: Sep. 17, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2024-40900

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: remove requests from xarray during flushing requests Even with CACHEFILES_DEAD set, we can still read the requests, so in the following concurrency the request may be used a... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-39509

    In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARN_ON() in implement() Syzkaller hit a warning [1] in a call to implement() when trying to write a value into a field of smaller size in an output report... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-39505

    In the Linux kernel, the following vulnerability has been resolved: drm/komeda: check for error-valued pointer komeda_pipeline_get_state() may return an error-valued pointer, thus check the pointer for negative or null value before dereferencing.... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 7.0

    HIGH
    CVE-2024-39503

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and the garbag... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 7.8

    HIGH
    CVE-2024-39502

    In the Linux kernel, the following vulnerability has been resolved: ionic: fix use after netif_napi_del() When queues are started, netif_napi_add() and napi_enable() are called. If there are 4 queues and only 3 queues are used for the current configurat... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 7.8

    HIGH
    CVE-2024-40939

    In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail In case of region creation fail in ipc_devlink_create_region(), previously created regions delete process sta... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 7.8

    HIGH
    CVE-2024-40935

    In the Linux kernel, the following vulnerability has been resolved: cachefiles: flush all requests after setting CACHEFILES_DEAD In ondemand mode, when the daemon is processing an open request, if the kernel flags the cache as CACHEFILES_DEAD, the cache... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 7.1

    HIGH
    CVE-2024-40929

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids In some versions of cfg80211, the ssids poinet might be a valid one even though n_ssids is 0. Accessing the pointer in this ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 7.8

    HIGH
    CVE-2024-40927

    In the Linux kernel, the following vulnerability has been resolved: xhci: Handle TD clearing for multiple streams case When multiple streams are in use, multiple TDs might be in flight when an endpoint is stopped. We need to issue a Set TR Dequeue Point... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Sep. 17, 2025

  • 6.1

    MEDIUM
    CVE-2025-9862

    Server-Side Request Forgery (SSRF) vulnerability in Ghost allows an attacker to access internal resources.This issue affects Ghost: from 6.0.0 through 6.0.8, from 5.99.0 through 5.130.3.... Read more

    Affected Products :
    • Published: Sep. 17, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Server-Side Request Forgery
Showing 20 of 294421 Results