Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2023-53755

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling pt_cmd_callback Resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver had been exer... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-40326

    In the Linux kernel, the following vulnerability has been resolved: NFSD: Define actions for the new time_deleg FATTR4 attributes NFSv4 clients won't send legitimate GETATTR requests for these new attributes because they are intended to be used only wit... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-40312

    In the Linux kernel, the following vulnerability has been resolved: jfs: Verify inode mode when loading from disk The inode mode loaded from corrupted disk can be invalid. Do like what commit 0a9e74051313 ("isofs: Verify inode mode when loading from dis... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-50624

    In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling in netsec_register_mdio() If phy_device_register() fails, phy_device_free() need be called to put refcount, so memory of phy device and device name can b... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50614

    In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic The dma_map_single() doesn't permit zero length mapping. It causes a follow panic. A panic was reported on arm6... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-40307

    In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap syzbot created an exfat image with cluster bits not set for the allocation bitmap. exfat-fs reads and uses the allocatio... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53769

    In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamp... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-40319

    In the Linux kernel, the following vulnerability has been resolved: bpf: Sync pending IRQ work before freeing ring buffer Fix a race where irq_work can be queued in bpf_ringbuf_commit() but the ring buffer is freed before the work executes. In the syzbo... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53767

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12k_qmi_driver_event_work() Currently the buffer pointed by event is not freed in case ATH12K_FLAG_UNREGISTERING bit is set, this causes memory leak.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53765

    In the Linux kernel, the following vulnerability has been resolved: dm cache: free background tracker's queued work in btracker_destroy Otherwise the kernel can BUG with: [ 2245.426978] ==================================================================... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-40315

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix epfile null pointer access after ep enable. A race condition occurs when ffs_func_eps_enable() runs concurrently with ffs_data_reset(). The ffs_data_clear() calle... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2022-50627

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix monitor mode bringup crash When the interface is brought up in monitor mode, it leads to NULL pointer dereference crash. This crash happens when the packet type is ext... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-40318

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once hci_cmd_sync_dequeue_once() does lookup and then cancel the entry under two separate lock sections. Meanwhile, hci_cmd_sync_wo... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2022-50620

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to invalidate dcc->f2fs_issue_discard in error path Syzbot reports a NULL pointer dereference issue as below: __refcount_add include/linux/refcount.h:193 [inline] __refcoun... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50621

    In the Linux kernel, the following vulnerability has been resolved: dm: verity-loadpin: Only trust verity targets with enforcement Verity targets can be configured to ignore corrupted data blocks. LoadPin must only trust verity targets that are configur... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-50623

    In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dfl_feature_ioctl_set_irq() The "hdr.count * sizeof(s32)" multiplication can overflow on 32 bit systems leading to memory corruption. Use array_size()... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Memory Corruption

  • 8.4

    HIGH
    CVE-2025-61229

    An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the default task template to execute an arbitrary preflight script with root privileges and Full Disk Access, thus bypassing macOS privacy controls.... Read more

    Affected Products : superduper\!
    • Published: Dec. 01, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2025-14004

    A security flaw has been discovered in dayrui XunRuiCMS up to 4.7.1. Affected is an unknown function of the file /admind45f74adbd95.php?c=email&m=add of the component Email Setting Handler. Performing manipulation results in server-side request forgery. R... Read more

    Affected Products : xunruicms
    • Published: Dec. 04, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Server-Side Request Forgery

  • 0.0

    NA
    CVE-2025-40264

    In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrb_params in case of OS2BMC be_insert_vlan_in_pkt() is called with the wrb_params argument being NULL at be_send_pkt_to_bmc() call site.  This may lead to dereferencing a ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 04, 2025
    • Modified: Dec. 06, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-40263

    In the Linux kernel, the following vulnerability has been resolved: Input: cros_ec_keyb - fix an invalid memory access If cros_ec_keyb_register_matrix() isn't called (due to `buttons_switches_only`) in cros_ec_keyb_probe(), `ckdev->idev` remains NULL. ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 04, 2025
    • Modified: Dec. 06, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 5283 Results