Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-21809

    In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix peer hash locking vs RCU callback In its address list, afs now retains pointers to and refs on one or more rxrpc_peer objects. The address list is freed under RCU and a... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-21808

    In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-21807

    In the Linux kernel, the following vulnerability has been resolved: block: fix queue freeze vs limits lock order in sysfs store methods queue_attr_store() always freezes a device queue before calling the attribute store operation. For attributes that co... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-21806

    In the Linux kernel, the following vulnerability has been resolved: net: let net.core.dev_weight always be non-zero The following problem was encountered during stability test: (NULL net_device): NAPI poll function process_backlog+0x0/0x530 \ returned... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-21805

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Add missing deinit() call A warning is triggered when repeatedly connecting and disconnecting the rnbd: list_add corruption. prev->next should be next (ffff88800b13e480), bu... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-21804

    In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() The rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region() macro to request a needed resou... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-21803

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix warnings during S3 suspend The enable_gpe_wakeup() function calls acpi_enable_all_wakeup_gpes(), and the later one may call the preempt_schedule_common() function, result... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-21802

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-21801

    In the Linux kernel, the following vulnerability has been resolved: net: ravb: Fix missing rtnl lock in suspend/resume path Fix the suspend/resume path by ensuring the rtnl lock is held where required. Calls to ravb_open, ravb_close and wol operations m... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-21800

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset When bit offset for HWS_SET32 macro is negative, UBSAN complains about the shift-out-of-bounds: UBSAN: shift-out-of-b... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-21799

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() When getting the IRQ we use k3_udma_glue_tx_get_irq() which returns negative error value on error. So no... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2025-21798

    In the Linux kernel, the following vulnerability has been resolved: firewire: test: Fix potential null dereference in firewire kunit test kunit_kzalloc() may return a NULL pointer, dereferencing it without NULL check may lead to NULL dereference. Add a ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-58042

    In the Linux kernel, the following vulnerability has been resolved: rhashtable: Fix potential deadlock by moving schedule_work outside lock Move the hash table growth check and work scheduling outside the rht lock to prevent a possible circular locking ... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025
    • Vuln Type: Race Condition

  • 7.8

    HIGH
    CVE-2024-58034

    In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() As of_find_node_by_name() release the reference of the argument device node, tegra_emc_find_node_b... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 21, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2024-58022

    In the Linux kernel, the following vulnerability has been resolved: mailbox: th1520: Fix a NULL vs IS_ERR() bug The devm_ioremap() function doesn't return error pointers, it returns NULL. Update the error checking to match.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Feb. 27, 2025

  • 6.1

    MEDIUM
    CVE-2024-54957

    Nagios XI 2024R1.2.2 is vulnerable to an open redirect flaw on the Tools page, exploitable by users with read-only permissions. This vulnerability allows an attacker to craft a malicious link that redirects users to an arbitrary external URL without their... Read more

    Affected Products : nagios_xi
    • Published: Feb. 27, 2025
    • Modified: Jul. 07, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2024-53944

    An issue was discovered on Tuoshi/Dionlink LT15D 4G Wi-Fi devices through M7628NNxlSPv2xUI_v1.0.1802.10.08_P4 and LT21B devices through M7628xUSAxUIv2_v1.0.1481.15.02_P0. A unauthenticated remote attacker with network access can exploit a command injectio... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Mar. 04, 2025
    • Vuln Type: Injection

  • 5.4

    MEDIUM
    CVE-2024-53408

    AVE System Web Client v2.1.131.13992 was discovered to contain a cross-site scripting (XSS) vulnerability.... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.1

    MEDIUM
    CVE-2025-22624

    FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry and Carousel 2.4.29 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially untrusted data in myapp/extensio... Read more

    Affected Products :
    • Published: Feb. 27, 2025
    • Modified: Jul. 01, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-0767

    WP Activity Log 5.3.2 was found to be vulnerable. Unvalidated user input is used directly in an unserialize function in myapp/classes/Writers/class-csv-writer.php.... Read more

    Affected Products : wp_activity_log
    • Published: Feb. 27, 2025
    • Modified: May. 21, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 291830 Results