Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-40158

    In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_output() Use RCU in ip6_output() in order to use dst_dev_rcu() to prevent possible UAF. We can remove rcu_read_lock()/rcu_read_unlock() pairs from ip6_finish_outpu... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025

  • 0.0

    NA
    CVE-2025-40156

    In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() The drv->sram_reg pointer could be set to ERR_PTR(-EPROBE_DEFER) which would lead to a error pointer dereferenc... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-40146

    In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix potential deadlock while nr_requests grown Allocate and free sched_tags while queue is freezed can deadlock[1], this is a long term problem, hence allocate memory before fre... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-40119

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential null deref in ext4_mb_init() In ext4_mb_init(), ext4_mb_avg_fragment_size_destroy() may be called when sbi->s_mb_avg_fragment_size remains uninitialized (e.g., if gr... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 5.2

    MEDIUM
    CVE-2025-54983

    A health check port on Zscaler Client Connector on Windows, versions 4.6 < 4.6.0.216 and 4.7 < 4.7.0.47, which under specific circumstances was not released after use, allowed traffic to potentially bypass ZCC forwarding controls.... Read more

    Affected Products :
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-40142

    In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT snd_pcm_group_lock_irq() acquires a spinlock_t and disables interrupts via spin_lock_irq(). This also implici... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-40172

    In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Currently, if find_and_map_user_pages() takes a DMA xfer request from the user with a length field set to 0, or in... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Misconfiguration

  • 7.1

    HIGH
    CVE-2025-61830

    Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue requires user... Read more

    Affected Products :
    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Authorization

  • 0.0

    NA
    CVE-2025-40126

    In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC The referenced commit introduced exception handlers on user-space memory references in copy_from_user and c... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-12748

    A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicious user with limited permissions could exploit this flaw by submitting a specially crafted... Read more

    Affected Products :
    • Published: Nov. 11, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-40123

    In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expected_attach_type for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpf_prog_test_run_xdp... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-40122

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix IA32_PMC_x_CFG_B MSRs access error When running perf_fuzzer on PTL, sometimes the below "unchecked MSR access error" is seen when accessing IA32_PMC_x_CFG_B MSRs. ... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-40149

    In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. ... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-40173

    In the Linux kernel, the following vulnerability has been resolved: net/ip6_tunnel: Prevent perpetual tunnel growth Similarly to ipv4 tunnel, ipv6 version updates dev->needed_headroom, too. While ipv4 tunnel headroom adjustment growth was limited in com... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 8.7

    HIGH
    CVE-2025-13047

    Bacteriology Laboratory Reporting System developed by ViewLead Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.... Read more

    Affected Products :
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-40130

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling The cpu_latency_qos_add/remove/update_request interfaces lack internal synchronization by design, requiring the cal... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Race Condition

  • 4.3

    MEDIUM
    CVE-2025-12113

    The Alt Text Generator AI – Auto Generate & Bulk Update Alt Texts For Images plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the atgai_delete_api_key() function in all versions up to, and including, 1.8... Read more

    Affected Products :
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Authorization

  • 0.0

    NA
    CVE-2025-40137

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fs_truncate() syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs (loop0): Wrong SSA boundary, st... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-40152

    In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix bootup splat with separate_gpu_drm modparam The drm_gem_for_each_gpuvm_bo() call from lookup_vma() accesses drm_gem_obj.gpuva.list, which is not initialized when the drm dr... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-40164

    In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix using smp_processor_id() in preemptible code warnings Syzbot reported the following warning: BUG: using smp_processor_id() in preemptible [00000000] code: dhcpcd/2879 calle... Read more

    Affected Products : linux_kernel
    • Published: Nov. 12, 2025
    • Modified: Nov. 12, 2025
    • Vuln Type: Race Condition
Showing 20 of 3753 Results