Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2022-50335

    In the Linux kernel, the following vulnerability has been resolved: 9p: set req refcount to zero to avoid uninitialized usage When a new request is allocated, the refcount will be zero if it is reused, but if the request is newly allocated from slab, it... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50329

    In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq Commit 64dc8c732f5c ("block, bfq: fix possible uaf for 'bfqq->bic'") will access 'bic->bfqq' in bic_set_bfqq(), however, bfq_exit_icq_b... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50320

    In the Linux kernel, the following vulnerability has been resolved: ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid phys address On a Packard Bell Dot SC (Intel Atom N2600 model) there is a FPDT table which contains invalid physical addre... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53232

    In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data The MT7921 driver no longer uses eeprom.data, but the relevant code has not been removed completely since commit 16d9... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53236

    In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not corrupt the pfn list when doing batch carry If batch->end is 0 then setting npfns[0] before computing the new value of pfns will fail to adjust the pfn and result in var... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53235

    In the Linux kernel, the following vulnerability has been resolved: drm/tests: helpers: Avoid a driver uaf when using __drm_kunit_helper_alloc_drm_device() the driver may be dereferenced by device-managed resources up until the device is freed, which is... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53218

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Make it so that a waiting process can be aborted When sendmsg() creates an rxrpc call, it queues it to wait for a connection and channel to be assigned and then waits before it c... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53249

    In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe Use devm_of_iomap() instead of of_iomap() to automatically handle the unused ioremap region. If any error occurs, regions a... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53248

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: install stub fence into potential unused fence pointers When using cpu to update page tables, vm update fences are unused. Install stub fence into these fence pointers inste... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53233

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix deadlock triggered by cancel_delayed_work_syn() The following LOCKDEP was detected: Workqueue: events smc_lgr_free_work [smc] WARNING: possible circular locking depende... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2022-50251

    In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.7

    HIGH
    CVE-2025-59363

    In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),... Read more

    Affected Products :
    • Published: Sep. 14, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Information Disclosure

  • 5.1

    MEDIUM
    CVE-2025-10370

    A vulnerability was identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This vulnerability affects unknown code of the file /htdocs/userScripts.php. The manipulation of the argument Custom script leads to cross site scripting. The attack is possible to b... Read more

    Affected Products : phoniebox
    • Published: Sep. 13, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.1

    MEDIUM
    CVE-2025-10369

    A vulnerability was determined in MiczFlor RPi-Jukebox-RFID up to 2.8.0. This affects an unknown part of the file /htdocs/cardRegisterNew.php. Executing manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has be... Read more

    Affected Products : phoniebox
    • Published: Sep. 13, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Cross-Site Scripting

  • 0.0

    NA
    CVE-2022-50255

    In the Linux kernel, the following vulnerability has been resolved: tracing: Fix reading strings from synthetic events The follow commands caused a crash: # cd /sys/kernel/tracing # echo 's:open char file[]' > dynamic_events # echo 'hist:keys=com... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50244

    In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter() If device_register() fails in cxl_pci_afu|adapter(), the device is not added, device_unregister() can not be called in the... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50243

    In the Linux kernel, the following vulnerability has been resolved: sctp: handle the error returned from sctp_auth_asoc_init_active_key When it returns an error from sctp_auth_asoc_init_active_key(), the active_key is actually not updated. The old sh_ke... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50242

    In the Linux kernel, the following vulnerability has been resolved: drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init() If vp alloc failed in qlcnic_sriov_init(), all previously allocated vp needs to be freed.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50234

    In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: defer registered files gc to io_uring release Instead of putting io_uring's registered files in unix_gc() we want it to be done by io_uring itself. The trick here is t... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.5

    HIGH
    CVE-2025-59358

    The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging server without authentication to the entire Kubernetes cluster, which provides an API to kill arbitrary processes in any Kubernetes pod, leading to cluster-wide denial of service.... Read more

    Affected Products :
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Denial of Service
Showing 20 of 4277 Results