Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2023-53348

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then do the relocation and then unpause scrub. The relocation ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Denial of Service

  • 4.6

    MEDIUM
    CVE-2025-59415

    Frappe Learning is a learning system that helps users structure their content. In versions 2.34.1 and below, there is a security vulnerability in Frappe Learning where the system did not adequately sanitize the content uploaded in the profile bio. Malicio... Read more

    Affected Products : frappe_lms
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.3

    MEDIUM
    CVE-2025-10493

    The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct Object Reference in version 1.3.4 and below via the quiz submission and completion mechanisms due to missing validation on a user controlled key. This makes it possible for unauthentic... Read more

    Affected Products : chained_quiz
    • Published: Sep. 18, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Authorization

  • 3.7

    LOW
    CVE-2025-30187

    In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an... Read more

    Affected Products : dnsdist
    • Published: Sep. 18, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Denial of Service

  • 6.4

    MEDIUM
    CVE-2025-9992

    The Ghost Kit – Page Builder Blocks, Motion Effects & Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom JS field in all versions up to, and including, 3.4.3 due to insufficient input sanitization and output escapi... Read more

    Affected Products :
    • Published: Sep. 18, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Cross-Site Scripting

  • 0.0

    NA
    CVE-2022-50354

    In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfd_process_device_init_vm error handling Should only destroy the ib_mem and let process cleanup worker to free the outstanding BOs. Reset the pointer in pdd->qpd struct... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53345

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential data race in rxrpc_wait_to_be_connected() Inside the loop in rxrpc_wait_to_be_connected() it checks call->error to see if it should exit the loop without first chec... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53335

    In the Linux kernel, the following vulnerability has been resolved: RDMA/cxgb4: Fix potential null-ptr-deref in pass_establish() If get_ep_from_tid() fails to lookup non-NULL value for ep, ep is dereferenced later regardless of whether it is empty. This... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50370

    In the Linux kernel, the following vulnerability has been resolved: i2c: designware: Fix handling of real but unexpected device interrupts Commit c7b79a752871 ("mfd: intel-lpss: Add Intel Alder Lake PCH-S PCI IDs") caused a regression on certain Gigabyt... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-50364

    In the Linux kernel, the following vulnerability has been resolved: i2c: mux: reg: check return value after calling platform_get_resource() It will cause null-ptr-deref in resource_size(), if platform_get_resource() returns NULL, move calling resource_s... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50355

    In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50358

    In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid max_flowrings from dongle When firmware hit trap at initialization, host will read abnormal max_flowrings number from dongle, and it will cau... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-50360

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix aux-bus EP lifetime Device-managed resources allocated post component bind must be tied to the lifetime of the aggregate DRM device or they will not necessarily be relea... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-50366

    In the Linux kernel, the following vulnerability has been resolved: powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue When value < time_unit, the parameter of ilog2() will be zero and the return value is -1. u64(-1) is too large for shift expone... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50371

    In the Linux kernel, the following vulnerability has been resolved: led: qcom-lpg: Fix sleeping in atomic lpg_brighness_set() function can sleep, while led's brightness_set() callback must be non-blocking. Change LPG driver to use brightness_set_blockin... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-39809

    In the Linux kernel, the following vulnerability has been resolved: HID: intel-thc-hid: intel-quicki2c: Fix ACPI dsd ICRS/ISUB length The QuickI2C ACPI _DSD methods return ICRS and ISUB data with a trailing byte, making the actual length is one more byt... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39810

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix memory corruption when FW resources change during ifdown bnxt_set_dflt_rings() assumes that it is always called before any TC has been created. So it doesn't take bp->num_... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50373

    In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix race in lowcomms This patch fixes a race between queue_work() in _dlm_lowcomms_commit_msg() and srcu_read_unlock(). The queue_work() can take the final reference of a dlm_m... Read more

    Affected Products : linux_kernel
    • Published: Sep. 17, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-39813

    In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump When calling ftrace_dump_one() concurrently with reading trace_pipe, a WARN_ON_ONCE() in trace_printk_seq() can be t... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-39817

    In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare Observed on kernel 6.6 (present on master as well): BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasan_c... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 4506 Results