Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-39734

    In the Linux kernel, the following vulnerability has been resolved: Revert "fs/ntfs3: Replace inode_trylock with inode_lock" This reverts commit 69505fe98f198ee813898cbcaf6770949636430b. Initially, conditional lock acquisition was removed to fix an xfs... Read more

    Affected Products : linux_kernel
    • Published: Sep. 07, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Race Condition

  • 6.1

    MEDIUM
    CVE-2025-0010

    An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity, or availability.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 3.9

    LOW
    CVE-2023-31365

    An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in loss of integrity or availability.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 8.7

    HIGH
    CVE-2023-31322

    Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability, Availability, and Serviceability trusted application (RAS TA) potentially leading to a read or write to shared memory resulting in loss of confidentiality, ... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 3.0

    LOW
    CVE-2021-46750

    Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 6.4

    MEDIUM
    CVE-2025-9493

    The Admin Menu Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘placeholder’ parameter in all versions up to, and including, 1.14 due to insufficient input sanitization and output escaping. This makes it possible for authe... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.3

    MEDIUM
    CVE-2025-58369

    fs2 is a compositional, streaming I/O library for Scala. Versions 3.12.2 and lower and 3.13.0-M1 through 3.13.0-M6 is vulnerable to denial of service attacks though TLS sessions using fs2-io on the JVM using the fs2.io.net.tls package. When establishing a... Read more

    Affected Products : fs2
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-39711

    In the Linux kernel, the following vulnerability has been resolved: media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls Both the ACE and CSI driver are missing a mei_cldev_disable() call in their remove() function. This causes t... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39694

    In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix SCCB present check Tracing code called by the SCLP interrupt handler contains early exits if the SCCB address associated with an interrupt is NULL. This check is performe... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39689

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Also allocate and copy hash for reading of filter files Currently the reader of set_ftrace_filter and set_ftrace_notrace just adds the pointer to the global tracer hash to its i... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39677

    In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdisc_dequeue_internal This issue applies for the following qdiscs: hhf, fq, fq_codel, and fq_pie, and occurs in their change handlers when adjustin... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-39682

    In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rx_list Each recvmsg() call must process either - only contiguous DATA records (any number of them) - one non-DATA record If the next ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025

  • 0.0

    NA
    CVE-2025-39690

    In the Linux kernel, the following vulnerability has been resolved: iio: accel: sca3300: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the `channels` array is zeroed before use.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Information Disclosure

  • 0.0

    NA
    CVE-2025-39691

    In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bh_read() helper There's issue as follows: BUG: KASAN: stack-out-of-bounds in end_buffer_read_sync+0xe3/0x110 Read of size 8 at addr ffffc9000168... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39692

    In the Linux kernel, the following vulnerability has been resolved: smb: server: split ksmbd_rdma_stop_listening() out of ksmbd_rdma_destroy() We can't call destroy_workqueue(smb_direct_wq); before stop_sessions()! Otherwise already existing connection... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-39696

    In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: tas2781: Fix wrong reference of tasdevice_priv During the conversion to unify the calibration data management, the reference to tasdevice_priv was wrongly set to h->hda_priv ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39722

    In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO (Security Controller) on iMX8QM and Secure Enc... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-39723

    In the Linux kernel, the following vulnerability has been resolved: netfs: Fix unbuffered write error handling If all the subrequests in an unbuffered write stream fail, the subrequest collector doesn't update the stream->transferred value and it retain... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-39724

    In the Linux kernel, the following vulnerability has been resolved: serial: 8250: fix panic due to PSLVERR When the PSLVERR_RESP_EN parameter is set to 1, the device generates an error response if an attempt is made to read an empty RBR (Receive Buffer ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2025-50972

    SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute arbitrary SQL commands via the tmpl_id parameter to index.php. Three techniques have been demonstrated: error-based injection using a crafted FLOOR-based payload,... Read more

    Affected Products : abantecart
    • Published: Aug. 27, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Injection
Showing 20 of 4410 Results