Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2025-55007

    Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, Knowage is vulnerable to server-side request forgery. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not abl... Read more

    Affected Products : knowage
    • Published: Sep. 01, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Server-Side Request Forgery

  • 9.8

    CRITICAL
    CVE-2025-9831

    A weakness has been identified in PHPGurukul Beauty Parlour Management System 1.1. This impacts an unknown function of the file /admin/edit-services.php. This manipulation of the argument sername causes sql injection. The attack is possible to be carried ... Read more

    Affected Products : beauty_parlour_management_system
    • Published: Sep. 02, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-9832

    A security vulnerability has been detected in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the file /routers/register-router.php. Such manipulation of the argument phone leads to sql injection. The attack may be p... Read more

    Affected Products : food_ordering_management_system
    • Published: Sep. 02, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-9833

    A vulnerability was detected in SourceCodester Online Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/login.php. Performing manipulation of the argument uname results in sql injection. It is possib... Read more

    Affected Products : online_farm_management_system
    • Published: Sep. 02, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2025-38713

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() The hfsplus_readdir() method is capable to crash by calling hfsplus_uni2asc(): [ 667.121659][ T9805] ========================... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 4.2

    MEDIUM
    CVE-2025-23301

    NVIDIA HGX and DGX contain a vulnerability where a misconfiguration of the VBIOS could enable an attacker to set an unsafe debug access level. A successful exploit of this vulnerability might lead to denial of service.... Read more

    Affected Products :
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38682

    In the Linux kernel, the following vulnerability has been resolved: i2c: core: Fix double-free of fwnode in i2c_unregister_device() Before commit df6d7277e552 ("i2c: core: Do not dereference fwnode in struct device"), i2c_unregister_device() only called... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38705

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix null pointer access Writing a string without delimiters (' ', '\n', '\0') to the under gpu_od/fan_ctrl sysfs or pp_power_profile_mode for the CUSTOM profile will result ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38679

    In the Linux kernel, the following vulnerability has been resolved: media: venus: Fix OOB read due to missing payload bound check Currently, The event_seq_changed() handler processes a variable number of properties sent by the firmware. The number of pr... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-23261

    NVIDIA Cumulus Linux and NVOS products contain a vulnerability, where hashed user passwords are not properly suppressed in log files, potentially disclosing information to unauthorized users.... Read more

    Affected Products : cumulus_linux
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Information Disclosure

  • 0.0

    NA
    CVE-2025-38686

    In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry When UFFDIO_MOVE encounters a migration PMD entry, it proceeds with obtaining a folio and accessing it even though ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38723

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fix jump offset calculation in tailcall The extra pass of bpf_int_jit_compile() skips JIT context initialization which essentially skips offset calculation leaving out_o... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38693

    In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar In w7090p_tuner_write_serpar, msg is controlled by user. When msg[0].buf is nu... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38717

    In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcm_unattach() syzbot found a race condition when kcm_unattach(psock) and kcm_release(kcm) are executed at the same time. kcm_unattach() is missing a ch... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38712

    In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file() When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplus_fill_sup... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-38711

    In the Linux kernel, the following vulnerability has been resolved: smb/server: avoid deadlock when linking with ReplaceIfExists If smb2_create_link() is called with ReplaceIfExists set and the name does exist then a deadlock will happen. ksmbd_vfs_ker... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38709

    In the Linux kernel, the following vulnerability has been resolved: loop: Avoid updating block size under exclusive owner Syzbot came up with a reproducer where a loop device block size is changed underneath a mounted filesystem. This causes a mismatch ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-38694

    In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() In dib7090p_rw_on_apb, msg is controlled by user. When msg[0].buf is null and msg[0].len is zero, former check... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-38697

    In the Linux kernel, the following vulnerability has been resolved: jfs: upper bound check of tree index in dbAllocAG When computing the tree index in dbAllocAG, we never check if we are out of bounds realative to the size of the stree. This could happe... Read more

    Affected Products : linux_kernel
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 7.3

    HIGH
    CVE-2025-23257

    NVIDIA DOCA contains a vulnerability in the collectx-clxapidev Debian package that could allow an actor with low privileges to escalate privileges. A successful exploit of this vulnerability might lead to escalation of privileges.... Read more

    Affected Products :
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authorization
Showing 20 of 4401 Results