Latest CVE Feed
-
0.0
NACVE-2025-39892
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: care NULL dirver name on snd_soc_lookup_component_nolocked() soc-generic-dmaengine-pcm.c uses same dev for both CPU and Platform. In such case, CPU component driver migh... Read more
Affected Products : linux_kernel- Published: Oct. 01, 2025
- Modified: Oct. 02, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-39891
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Initialize the chan_stats array to zero The adapter->chan_stats[] array is initialized in mwifiex_init_channel_scan_gap() with vmalloc(), which doesn't zero out memory. ... Read more
Affected Products : linux_kernel- Published: Oct. 01, 2025
- Modified: Oct. 02, 2025
- Vuln Type: Information Disclosure
-
5.9
MEDIUMCVE-2025-11226
ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.18 in Java applications, allows an attacker to execute arbitrary code by compromising an existing logback configuration file or by injec... Read more
Affected Products :- Published: Oct. 01, 2025
- Modified: Oct. 02, 2025
- Vuln Type: Misconfiguration
-
9.1
CRITICALCVE-2020-36852
The Custom Searchable Data Entry System plugin for WordPress is vulnerable to unauthenticated database wiping in versions up to, and including 1.7.1, due to a missing capability check and lack of sufficient validation on the ghazale_sds_delete_entries_tab... Read more
Affected Products :- Published: Oct. 01, 2025
- Modified: Oct. 02, 2025
- Vuln Type: Authentication
-
6.1
MEDIUMCVE-2025-9512
The Schema & Structured Data for WP & AMP WordPress plugin before 1.50 does not properly handles HTML tag attribute modifications, making it possible for unauthenticated attackers to conduct Stored XSS attacks via post comments.... Read more
Affected Products :- Published: Oct. 01, 2025
- Modified: Oct. 02, 2025
- Vuln Type: Cross-Site Scripting