Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2022-48704

    In the Linux kernel, the following vulnerability has been resolved: drm/radeon: add a force flush to delay work when radeon Although radeon card fence and wait for gpu to finish processing current batch rings, there is still a corner case that radeon lo... Read more

    Affected Products : linux_kernel
    • Published: May. 03, 2024
    • Modified: Sep. 19, 2025

  • 5.5

    MEDIUM
    CVE-2022-48705

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix crash in chip reset fail In case of drv own fail in reset, we may need to run mac_reset several times. The sequence would trigger system crash as the log below.... Read more

    Affected Products : linux_kernel
    • Published: May. 03, 2024
    • Modified: Sep. 19, 2025

  • 5.5

    MEDIUM
    CVE-2023-52763

    In the Linux kernel, the following vulnerability has been resolved: i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data. The `i3c_master_bus_init` function may attach the I2C devices before the I3C bus initialization. In this flow, the ... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Sep. 19, 2025

  • 7.2

    HIGH
    CVE-2023-50895

    In Janitza GridVis through 9.0.66, exposed dangerous methods in the de.janitza.pasw.project.server.ServerDatabaseProject project load functionality allow remote authenticated administrative users to execute arbitrary Groovy code.... Read more

    Affected Products : gridvis
    • Published: Mar. 26, 2024
    • Modified: Sep. 19, 2025

  • 0.0

    NA
    CVE-2025-57528

    An issue was discovered in Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01 allowing attackers to cause a denial of service via the funcname, funcpara1, funcpara2 parameters to the formSetCfm function (uri path: SetCfm).... Read more

    Affected Products :
    • Published: Sep. 19, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2023-52700

    In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... [ 13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550 ... [ 13.39... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Sep. 19, 2025

  • 5.7

    MEDIUM
    CVE-2025-2888

    During a snapshot rollback, the client incorrectly caches the timestamp metadata. If the client checks the cache when attempting to perform the next update, the update timestamp validation will fail, preventing the next update until the cache is cleared. ... Read more

    Affected Products : tough
    • Published: Mar. 27, 2025
    • Modified: Sep. 19, 2025

  • 7.1

    HIGH
    CVE-2021-47401

    In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix stack information leak The tty driver name is used also after registering the driver and must specifically not be allocated on the stack to avoid leaking information... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Sep. 19, 2025

  • 0.0

    NA
    CVE-2025-10717

    A vulnerability has been found in intsig CamScanner App 6.91.1.5.250711 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.intsig.camscanner. The manipulation leads to improper export of a... Read more

    Affected Products :
    • Published: Sep. 19, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-10716

    A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of andro... Read more

    Affected Products :
    • Published: Sep. 19, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Misconfiguration

  • 5.7

    MEDIUM
    CVE-2025-2885

    Missing validation of the root metatdata version number could allow an actor to supply an arbitrary version number to the client instead of the intended version in the root metadata file, altering the version fetched by the client. Users should upgrade to... Read more

    Affected Products : tough
    • Published: Mar. 27, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Misconfiguration

  • 5.7

    MEDIUM
    CVE-2025-2886

    Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even after searching a terminating delegation. This could cause the client to fetch a target from an incorrect source, altering the target co... Read more

    Affected Products : tough
    • Published: Mar. 27, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Misconfiguration

  • 5.7

    MEDIUM
    CVE-2025-2887

    During a target rollback, the client fails to detect the rollback for delegated targets. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough version 0.20.0 or later and ensure... Read more

    Affected Products : tough
    • Published: Mar. 27, 2025
    • Modified: Sep. 19, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2021-47398

    In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix kernel pointer leak Pointers should be printed with %p or %px rather than cast to 'unsigned long long' and printed with %llx. Change %llx to %p to print the secured poin... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Sep. 19, 2025

  • 5.5

    MEDIUM
    CVE-2023-52668

    In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: fix lock ordering in btrfs_zone_activate() The btrfs CI reported a lockdep warning as follows by running generic generic/129. WARNING: possible circular locking depend... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 19, 2025

  • 9.8

    CRITICAL
    CVE-2024-29401

    xzs-mysql 3.8 is vulnerable to Insufficient Session Expiration, which allows attackers to use the session of a deleted admin to do anything.... Read more

    Affected Products : xzs-mysql
    • Published: Mar. 26, 2024
    • Modified: Sep. 19, 2025

  • 5.3

    MEDIUM
    CVE-2024-32210

    The LoMag WareHouse Management application version 1.0.20.120 and older were to utilize hard-coded passwords by default for forms and SQL connections.... Read more

    Affected Products : lomag_warehouse_management
    • Published: May. 01, 2024
    • Modified: Sep. 19, 2025

  • 5.5

    MEDIUM
    CVE-2024-32211

    An issue in LOGINT LoMag Inventory Management v1.0.20.120 and before allows a local attacker to obtain sensitive information via the UserClass.cs and Settings.cs components.... Read more

    Affected Products : lomag_warehouse_management
    • Published: May. 01, 2024
    • Modified: Sep. 19, 2025

  • 5.5

    MEDIUM
    CVE-2023-52661

    In the Linux kernel, the following vulnerability has been resolved: drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() If clk_get_sys(..., "pll_d2_out0") fails, the clk_get_sys() call must be undone. Add the missi... Read more

    Affected Products : linux_kernel
    • Published: May. 17, 2024
    • Modified: Sep. 19, 2025

  • 5.4

    MEDIUM
    CVE-2024-52312

    Due to inconsistent authorization permissions, data.all may allow an external actor with an authenticated account to perform restricted operations against DataSets and Environments.... Read more

    Affected Products : data.all
    • Published: Nov. 09, 2024
    • Modified: Sep. 19, 2025
Showing 20 of 294758 Results