Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2025-55007

    Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, Knowage is vulnerable to server-side request forgery. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not abl... Read more

    Affected Products : knowage
    • Published: Sep. 01, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Server-Side Request Forgery

  • 9.8

    CRITICAL
    CVE-2025-9831

    A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. This impacts an unknown function of the file /admin/edit-services.php. This manipulation of the argument sername causes sql injection. The attack is possible to be carried ... Read more

    Affected Products : beauty_parlour_management_system
    • Published: Sep. 02, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-9832

    A security vulnerability has been detected in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the file /routers/register-router.php. Such manipulation of the argument phone leads to sql injection. The attack may be p... Read more

    Affected Products : food_ordering_management_system
    • Published: Sep. 02, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-9833

    A vulnerability was detected in SourceCodester Online Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/login.php. Performing manipulation of the argument uname results in sql injection. It is possib... Read more

    Affected Products : online_farm_management_system
    • Published: Sep. 02, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-38726

    In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix potential NULL pointer access in ftgmac100_phy_disconnect After the call to phy_disconnect() netdev->phydev is reset to NULL. So fixed_phy_unregister() would be call... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2025-23261

    NVIDIA Cumulus Linux and NVOS products contain a vulnerability, where hashed user passwords are not properly suppressed in log files, potentially disclosing information to unauthorized users.... Read more

    Affected Products : cumulus_linux
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Information Disclosure

  • 0.0

    NA
    CVE-2025-38686

    In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry When UFFDIO_MOVE encounters a migration PMD entry, it proceeds with obtaining a folio and accessing it even though ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38683

    In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Fix panic during namespace deletion with VF The existing code move the VF NIC to new namespace when NETDEV_REGISTER is received on netvsc NIC. During deletion of the namespac... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38705

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix null pointer access Writing a string without delimiters (' ', '\n', '\0') to the under gpu_od/fan_ctrl sysfs or pp_power_profile_mode for the CUSTOM profile will result ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38684

    In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: use old 'nbands' while purging unused classes Shuang reported sch_ets test-case [1] crashing in ets_class_qlen_notify() after recent changes from Lion [2]. The problem i... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38725

    In the Linux kernel, the following vulnerability has been resolved: net: usb: asix_devices: add phy_mask for ax88772 mdio bus Without setting phy_mask for ax88772 mdio bus, current driver may create at most 32 mdio phy devices with phy address range fro... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38689

    In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix NULL dereference in avx512_status() Problem ------- With CONFIG_X86_DEBUG_FPU enabled, reading /proc/[kthread]/arch_status causes a warning and a NULL pointer dereference. ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38724

    In the Linux kernel, the following vulnerability has been resolved: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Lei Lu recently reported that nfsd4_setclientid_confirm() did not check the return value from get_client_locked()... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38720

    In the Linux kernel, the following vulnerability has been resolved: net: hibmcge: fix rtnl deadlock issue Currently, the hibmcge netdev acquires the rtnl_lock in pci_error_handlers.reset_prepare() and releases it in pci_error_handlers.reset_done(). How... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38700

    In the Linux kernel, the following vulnerability has been resolved: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated In case of an ib_fast_reg_mr allocation failure during iSER setup, the machine hits a panic because iscsi_conn... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38727

    In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlink_unicast() netlink_attachskb() checks for the socket's read memory allocation constraints. Firstly, it has: rmem < READ_ONCE(sk->sk_rc... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-38693

    In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar In w7090p_tuner_write_serpar, msg is controlled by user. When msg[0].buf is nu... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38707

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add sanity check for file name The length of the file name should be smaller than the directory entry size.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38681

    In the Linux kernel, the following vulnerability has been resolved: mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Memory hot remove unmaps and tears down various kernel page table regions as required. The ptdump code can race with co... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38694

    In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() In dib7090p_rw_on_apb, msg is controlled by user. When msg[0].buf is null and msg[0].len is zero, former check... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 4403 Results