Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-39710

    In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the pac... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 2.8

    LOW
    CVE-2023-31326

    Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially leading to loss of confidentiality.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Information Disclosure

  • 3.2

    LOW
    CVE-2024-36331

    Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2025-10086

    A weakness has been identified in fuyang_lipengjun platform 1.0.0. This issue affects the function queryAll of the file /adposition/queryAll of the component AdPositionController. This manipulation causes improper authorization. The attack can be initiate... Read more

    Affected Products :
    • Published: Sep. 08, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Authorization

  • 0.0

    NA
    CVE-2025-39705

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability [Why] A null pointer dereference vulnerability exists in the AMD display driver's (DC module) cleanup function dc_destruct(... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 8.1

    HIGH
    CVE-2025-58437

    Coder allows organizations to provision remote development environments via Terraform. In versions 2.22.0 through 2.24.3, 2.25.0 and 2.25.1, Coder can be compromised through insecure session handling in prebuilt workspaces. Coder automatically generates ... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Authentication

  • 3.1

    LOW
    CVE-2025-10080

    A vulnerability has been found in running-elephant Datart up to 1.0.0-rc3. Affected by this issue is the function getTokensecret of the file datart/security/src/main/java/datart/security/util/AESUtil.java of the component API. The manipulation leads to us... Read more

    Affected Products :
    • Published: Sep. 08, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Cryptography

  • 0.0

    NA
    CVE-2025-39733

    In the Linux kernel, the following vulnerability has been resolved: team: replace team lock with rtnl lock syszbot reports various ordering issues for lower instance locks and team lock. Switch to using rtnl lock for protecting team device, similar to b... Read more

    Affected Products : linux_kernel
    • Published: Sep. 07, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-39729

    In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix dereferencing uninitialized error pointer Fix below smatch warnings: drivers/crypto/ccp/sev-dev.c:1312 __sev_platform_init_locked() error: we previously assumed 'error... Read more

    Affected Products : linux_kernel
    • Published: Sep. 07, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Cryptography

  • 2.5

    LOW
    CVE-2023-31330

    An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39727

    In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix potential buffer overflow in setup_clusters() In setup_swap_map(), we only ensure badpages are in range (0, last_page]. As maxpages might be < last_page, setup_clusters()... Read more

    Affected Products : linux_kernel
    • Published: Sep. 07, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 4.7

    MEDIUM
    CVE-2025-0034

    Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial ... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 8.6

    HIGH
    CVE-2025-9709

    On-Chip Debug and Test Interface With Improper Access Control and Improper Protection against Electromagnetic Fault Injection (EM-FI) in Nordic Semiconductor nRF52810 allow attacker to perform EM Fault Injection and bypass APPROTECT at runtime, requiring ... Read more

    Affected Products :
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-39717

    In the Linux kernel, the following vulnerability has been resolved: open_tree_attr: do not allow id-mapping changes without OPEN_TREE_CLONE As described in commit 7a54947e727b ('Merge patch series "fs: allow changing idmappings"'), open_tree_attr(2) was... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-39715

    In the Linux kernel, the following vulnerability has been resolved: parisc: Revise gateway LWS calls to probe user read access We use load and stbys,e instructions to trigger memory reference interruptions without writing to memory. Because of the way r... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2023-31351

    Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 6.0

    MEDIUM
    CVE-2024-36346

    Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged attacker from Guest VM to send arbitrary input data potentially causing a GPU Reset condition.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Misconfiguration

  • 4.4

    MEDIUM
    CVE-2024-21970

    Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity.... Read more

    Affected Products :
    • Published: Sep. 06, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39675

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() The function mod_hdcp_hdcp1_create_session() calls the function get_first_active_display(), but does not check... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39680

    In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: Fix out-of-bounds bug in rtl9300_i2c_smbus_xfer The data->block[0] variable comes from user. Without proper check, the variable may be very large to cause an out-of-bounds... Read more

    Affected Products : linux_kernel
    • Published: Sep. 05, 2025
    • Modified: Sep. 08, 2025
Showing 20 of 4328 Results