Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-68176

    In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdns_pcie::ops before using it cdns_pcie::ops might not be populated by all the Cadence glue drivers. This is going to be true for the upcoming ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-68303

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel: punit_ipc: fix memory corruption This passes the address of the pointer "&punit_ipcdev" when the intent was to pass the pointer itself "punit_ipcdev" (without the a... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-68243

    In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfs_match_client() If the TLS security policy is of type RPC_XPRTSEC_TLS_X509, then the cert_serial and privkey_serial fields need to match as w... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Authentication

  • 0.0

    NA
    CVE-2025-68216

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Disable trampoline for kernel module function trace The current LoongArch BPF trampoline implementation is incompatible with tracing functions in kernel modules. This ca... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-68300

    In the Linux kernel, the following vulnerability has been resolved: fs/namespace: fix reference leak in grab_requested_mnt_ns lookup_mnt_ns() already takes a reference on mnt_ns. grab_requested_mnt_ns() doesn't need to take an extra reference.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025

  • 0.0

    NA
    CVE-2025-68291

    In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcv_mss before calling tcp_send_active_reset() in mptcp_do_fastclose(). syzbot reported divide-by-zero in __tcp_select_window() by MPTCP socket. [0] We had a similar ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025

  • 0.0

    NA
    CVE-2025-68281

    In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list "struct sdca_control" declares "values" field as integer array. But the memory allocated to it is of char array. This causes ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-68258

    In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3_attach() Syzbot identified an issue [1] in multiq3_attach() that induces a task timeout due to open() or COMEDI_DEVCONFIG ioctl opera... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-68313

    In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add RDSEED fix for Zen5 There's an issue with RDSEED's 16-bit and 32-bit register output variants on Zen5 which return a random value of 0 "at a rate inconsistent with rand... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Misconfiguration

  • 7.0

    HIGH
    CVE-2025-11901

    An uncontrolled resource consumption vulnerability affects certain ASUS motherboards using Intel B460, B560, B660, B760, H410, H510, H610, H470, Z590, Z690, Z790, W480, W680 series chipsets. Exploitation requires physical access to internal expansion slo... Read more

    Affected Products :
    • Published: Dec. 17, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-68219

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix memory leak in smb3_fs_context_parse_param error path Add proper cleanup of ctx->source and fc->source to the cifs_parse_mount_err error handler. This ensures that memory allo... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-68221

    In the Linux kernel, the following vulnerability has been resolved: mptcp: fix address removal logic in mptcp_pm_nl_rm_addr Fix inverted WARN_ON_ONCE condition that prevented normal address removal counter updates. The current code only executes decreme... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-68234

    In the Linux kernel, the following vulnerability has been resolved: io_uring/cmd_net: fix wrong argument types for skb_queue_splice() If timestamp retriving needs to be retried and the local list of SKB's already has entries, then it's spliced back into... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-68237

    In the Linux kernel, the following vulnerability has been resolved: mtdchar: fix integer overflow in read/write ioctls The "req.start" and "req.len" variables are u64 values that come from the user at the start of the function. We mask away the high 32... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-68244

    In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD On completion of i915_vma_pin_ww(), a synchronous variant of dma_fence_work_commit() is called. When pinning a VMA to... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-68245

    In the Linux kernel, the following vulnerability has been resolved: net: netpoll: fix incorrect refcount handling causing incorrect cleanup commit efa95b01da18 ("netpoll: fix use after free") incorrectly ignored the refcount and prematurely set dev->npi... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-68251

    In the Linux kernel, the following vulnerability has been resolved: erofs: avoid infinite loops due to corrupted subpage compact indexes Robert reported an infinite loop observed by two crafted images. The root cause is that `clusterofs` can be larger ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-68256

    In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser The Information Element (IE) parser rtw_get_ie() trusted the length byte of each IE without validating that the IE body... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Information Disclosure

  • 0.0

    NA
    CVE-2025-68257

    In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue [1] that crashes kernel, seemingly due to unexistent callback dev->get_valid_routes(). By all means, t... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-68284

    In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() The len field originates from untrusted network packets. Boundary checks have been added to prevent potentia... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 5229 Results