Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NONE
    CVE-2024-53868

    Apache Traffic Server allows request smuggling if chunked messages are malformed.  This issue affects Apache Traffic Server: from 9.2.0 through 9.2.9, from 10.0.0 through 10.0.4. Users are recommended to upgrade to version 9.2.10 or 10.0.5, which fi... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 3.5

    CVSS31
    CVE-2025-3152

    A vulnerability classified as problematic has been found in caipeichao ThinkOX 1.0. This affects an unknown part of the file /ThinkOX-master/index.php?s=/Weibo/Index/search.html of the component Search. The manipulation of the argument keywords leads to c... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 7.3

    CVSS31
    CVE-2025-3151

    A vulnerability was found in SourceCodester Gym Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /signup.php. The manipulation of the argument user_name leads to sql injection. The atta... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 4.3

    CVSS31
    CVE-2025-3150

    A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be la... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 2.4

    CVSS31
    CVE-2025-3149

    A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been classified as problematic. Affected is an unknown function of the file /shw_war/fileupload of the component Edit Job Page. The manipulation of the argument Cou... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 4.4

    CVSS31
    CVE-2025-2874

    The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 20240319 due to insufficient input sanitization and outpu... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-22007

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix error code in chan_alloc_skb_cb() The chan_alloc_skb_cb() function is supposed to return error pointers on error. Returning NULL will lead to a NULL dereference.... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-22006

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence Registering the interrupts for TX or RX DMA Channels prior to registering their respective NAPI callbacks can result in a NU... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-22005

    In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw(). fib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything when it fails. Commit 7dd73168e273 ("ipv6: Alway... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-22004

    In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees skb so save the length before calling ->send() to avoid a use after free.... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-22003

    In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix out of bound read in strscpy() source Commit 7fdaf8966aae ("can: ucan: use strscpy() to instead of strncpy()") unintentionally introduced a one byte out of bound read on ... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-22002

    In the Linux kernel, the following vulnerability has been resolved: netfs: Call `invalidate_cache` only if implemented Many filesystems such as NFS and Ceph do not implement the `invalidate_cache` method. On those filesystems, if writing to the cache (... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-22001

    In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in qaic_validate_req() These are u64 variables that come from the user via qaic_attach_slice_bo_ioctl(). Use check_add_overflow() to ensure that the ma... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-22000

    In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: drop beyond-EOF folios with the right number of refs When an after-split folio is large and needs to be dropped due to EOF, folio_put_refs(folio, folio_nr_pages(folio)) ... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-21999

    In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore der... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-21998

    In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, so... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-21997

    In the Linux kernel, the following vulnerability has been resolved: xsk: fix an integer overflow in xp_create_and_assign_umem() Since the i and pool->chunk_size variables are of type 'u32', their product can wrap around and then be cast to 'u64'. This c... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-21996

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() On the off chance that command stream passed from userspace via ioctl() call to radeon_vce_cs_parse() is weirdly crafte... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 0.0

    NONE
    CVE-2025-21995

    In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix fence reference count leak The last_scheduled fence leaks when an entity is being killed and adding the cleanup callback fails. Decrement the reference count of prev whe... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025

  • 6.4

    CVSS31
    CVE-2025-1663

    The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 1.5.142 due to insufficient input sanitization and output escaping. This makes it possible for... Read more

    Affected Products :
    • Published: Apr. 03, 2025
    • Modified: Apr. 03, 2025
Showing 20 of 501 Results
© cvefeed.io
Latest DB Update: Apr. 03, 2025 9:32