Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2023-53230

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning in cifs_smb3_do_mount() This fixes the following warning reported by kernel test robot fs/smb/client/cifsfs.c:982 cifs_smb3_do_mount() warn: possible memor... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53233

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix deadlock triggered by cancel_delayed_work_syn() The following LOCKDEP was detected: Workqueue: events smc_lgr_free_work [smc] WARNING: possible circular locking depende... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53237

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v11_0_hw_fini The gmc.ecc_irq is enabled by firmware per IFWI setting, and the host driver is not privileged to enable/disable the inter... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53238

    In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() The size of array 'priv->ports[]' is INNO_PHY_PORT_NUM. In the for loop, 'i' is used as the index for array 'priv->p... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53239

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Add check for kzalloc As kzalloc may fail and return NULL pointer, it should be better to check the return value in order to avoid the NULL pointer dereference. Patchwork... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53241

    In the Linux kernel, the following vulnerability has been resolved: nfsd: call op_release, even when op_func returns an error For ops with "trivial" replies, nfsd4_encode_operation will shortcut most of the encoding work and skip to just marshalling up ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53242

    In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/hisi: Drop second sensor hi3660 The commit 74c8e6bffbe1 ("driver core: Add __alloc_size hint to devm allocators") exposes a panic "BRK handler: Fatal exception" on the h... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53244

    In the Linux kernel, the following vulnerability has been resolved: media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish When the driver calls tw68_risc_buffer() to prepare the buffer, the function call dma_alloc_coherent may fail, resulti... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53245

    In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Hyper-V provides the ability to connect Fibre Channel LUNs to the host system and present them in a guest VM as a SCSI devi... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2023-53249

    In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe Use devm_of_iomap() instead of of_iomap() to automatically handle the unused ioremap region. If any error occurs, regions a... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53202

    In the Linux kernel, the following vulnerability has been resolved: PM: domains: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make thing... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39801

    In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Remove WARN_ON for device endpoint command timeouts This commit addresses a rarely observed endpoint command timeout which causes kernel panic due to warn when 'panic_on_warn... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-39802

    In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit 773426f4771b ("crypto: arm/poly1305 - Add block-only in... Read more

    Affected Products : linux_kernel
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Cryptography

  • 0.0

    NA
    CVE-2025-39795

    In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunk_sectors check in blk_stack_limits() In blk_stack_limits(), we check that the t->chunk_sectors value is a multiple of the t->physical_block_size ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 12, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-39793

    In the Linux kernel, the following vulnerability has been resolved: io_uring/memmap: cast nr_pages to size_t before shifting If the allocated size exceeds UINT_MAX, then it's necessary to cast the mr->nr_pages value to size_t to prevent it from overflow... Read more

    Affected Products : linux_kernel
    • Published: Sep. 12, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 6.9

    MEDIUM
    CVE-2025-10453

    O'View MapServer developed by PilotGaea Technologies has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to probe internal network.... Read more

    Affected Products :
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Server-Side Request Forgery

  • 5.3

    MEDIUM
    CVE-2025-6638

    A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically affecting the MarianTokenizer's `remove_language_code()` method. This vulnerability is present in version 4.52.4 and has bee... Read more

    Affected Products : transformers
    • Published: Sep. 12, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Denial of Service

  • 7.3

    HIGH
    CVE-2025-27234

    Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution.... Read more

    Affected Products : zabbix
    • Published: Sep. 12, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-10265

    Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device.... Read more

    Affected Products :
    • Published: Sep. 12, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-10452

    Statistical Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents with high-level privileges.... Read more

    Affected Products :
    • Published: Sep. 15, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Authentication
Showing 20 of 4320 Results