Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2025-62771

    Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks.... Read more

    Affected Products :
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 0.0

    NA
    CVE-2023-53703

    In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' variables exceeds the maximum number of shift values in the u32 range leading to UBSAN shift-out-of-bounds... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53711

    In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a potential data corruption We must ensure that the subrequests are joined back into the head before we can retransmit a request. If the head was not on the commit lists, becau... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53710

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read Kernel NULL pointer dereference when ACPI SAR table isn't implemented well. Fix the error code of return to mark the ACP... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53708

    In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects If a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE` objects while evaluating the AMD LPS0 _DSM, there will ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53712

    In the Linux kernel, the following vulnerability has been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt all online cpus will be notified and set offline. But as highlighted by commit 19dbdc... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Denial of Service

  • 6.4

    MEDIUM
    CVE-2025-11867

    The Bg Book Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `book_author` post meta, rendered through the `[book_author]` shortcode, in all versions up to, and including, 1.25. This is due to the plugin not properly esc... Read more

    Affected Products :
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Cross-Site Scripting

  • 0.0

    NA
    CVE-2023-53731

    In the Linux kernel, the following vulnerability has been resolved: netlink: fix potential deadlock in netlink_set_err() syzbot reported a possible deadlock in netlink_set_err() [1] A similar issue was fixed in commit 1d482e666b8e ("netlink: disable IR... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Race Condition

  • 9.8

    CRITICAL
    CVE-2025-56447

    TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.... Read more

    Affected Products :
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Authentication

  • 10.0

    CRITICAL
    CVE-2016-15048

    AMTT Hotel Broadband Operation System (HiBOS) contains an unauthenticated command injection vulnerability in the /manager/radius/server_ping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes... Read more

    Affected Products :
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2022-50562

    In the Linux kernel, the following vulnerability has been resolved: tpm: acpi: Call acpi_put_table() to fix memory leak The start and length of the event log area are obtained from TPM2 or TCPA table, so we call acpi_get_table() to get the ACPI informat... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50582

    In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to poll_enabled_time that is not integer time_remaining underflows and does not exit the loop as expected. As delay ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50564

    In the Linux kernel, the following vulnerability has been resolved: s390/netiucv: Fix return type of netiucv_tx() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function poin... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-50565

    In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: fix potential memory leak in __lf_x_usb_enable_rx() urbs does not be freed in exception paths in __lf_x_usb_enable_rx(). That will trigger memory leak. To fix it, add kfre... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53695

    In the Linux kernel, the following vulnerability has been resolved: udf: Detect system inodes linked into directory hierarchy When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is an avenue for further se... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53698

    In the Linux kernel, the following vulnerability has been resolved: xsk: fix refcount underflow in error path Fix a refcount underflow problem reported by syzbot that can happen when a system is running out of memory. If xp_alloc_tx_descs() fails, and i... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Memory Corruption

  • 6.3

    MEDIUM
    CVE-2025-11965

    In Eclipse Vert.x versions [4.0.0, 4.5.21] and [5.0.0, 5.0.4], a StaticHandler configuration for restricting access to hidden files fails to restrict access to hidden directories, allowing unauthorized users to retrieve files within them (e.g. '.git/confi... Read more

    Affected Products : vert.x-web
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Path Traversal

  • 0.0

    NA
    CVE-2023-53707

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an integer overflow, size will be zero after size *= sizeof(ui... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Memory Corruption

  • 6.9

    MEDIUM
    CVE-2025-11915

    Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action.... Read more

    Affected Products :
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53692

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline Syzbot found the following issue: loop0: detected capacity change from 0 to 2048 EXT4-fs (loop0): mounted filesys... Read more

    Affected Products : linux_kernel
    • Published: Oct. 22, 2025
    • Modified: Oct. 22, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 3832 Results