Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-39825

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix race with concurrent opens in rename(2) Besides sending the rename request to the server, the rename process also involves closing any deferred close, waiting for outst... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Race Condition

  • 5.7

    MEDIUM
    CVE-2025-55110

    Control-M/Agents use a kdb or PKCS#12 keystore by default, and the default keystore password is well known and documented. An attacker with read access to the keystore could access sensitive data using this password.... Read more

    Affected Products : control-m\/agent
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Cryptography

  • 9.5

    CRITICAL
    CVE-2025-55113

    If the Access Control List is enforced by the Control-M/Agent and the C router is in use (default in Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions; non-default but configurable using the JAVA_AR sett... Read more

    Affected Products : control-m\/agent
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Authorization

  • 8.9

    HIGH
    CVE-2025-55118

    Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: * Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "use_openssl=n";... Read more

    Affected Products : control-m\/agent
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53314

    In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fb_info.dev Do not assing the Linux device to struct fb_info.dev. The call to register_framebuffer() initializes the field to the fbdev device. ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39821

    In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu->start()/stop() on perf events in PERF_EVENT_STATE_OFF can leave event->hw.idx at -1. When PMU drivers ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Misconfiguration

  • 6.8

    MEDIUM
    CVE-2025-37128

    A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitrary running processes. Successful exploitation could allow an attacker to disrupt system operations, potenti... Read more

    Affected Products :
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Denial of Service

  • 6.7

    MEDIUM
    CVE-2025-37129

    A vulnerable feature in the command line interface of EdgeConnect SD-WAN could allow an authenticated attacker to exploit built-in script execution capabilities. Successful exploitation could allow an attacker to execute arbitrary commands on the underlyi... Read more

    Affected Products :
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2022-50347

    In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leake... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 4.7

    MEDIUM
    CVE-2025-0419

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zirve Information Technologies Inc. Zirve Nova allows Cross-Site Scripting (XSS).This issue affects Zirve Nova: from 235 through 20250131.... Read more

    Affected Products :
    • Published: Sep. 17, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.3

    HIGH
    CVE-2025-59458

    In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 code execution was possible due to improper command validation... Read more

    Affected Products : junie
    • Published: Sep. 17, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2022-50341

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix oops during encryption When running xfstests against Azure the following oops occurred on an arm64 system Unable to handle kernel write to read-only memory at virtual addre... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50352

    In the Linux kernel, the following vulnerability has been resolved: net: hns: fix possible memory leak in hnae_ae_register() Inject fault while probing module, if device_register() fails, but the refcount of kobject is not decreased to 0, the name alloc... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50342

    In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in do_floppy_init() A memory leak was reported when floppy_alloc_disk() failed in do_floppy_init(). unreferenced object 0xffff888115ed25a0 (size 8): comm "mod... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53306

    In the Linux kernel, the following vulnerability has been resolved: fsdax: force clear dirty mark if CoW XFS allows CoW on non-shared extents to combat fragmentation[1]. The old non-shared extent could be mwrited before, its dax entry is marked dirty. ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50351

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_create() If the cifs already shutdown, we should free the xid before return, otherwise, the xid will be leaked.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53312

    In the Linux kernel, the following vulnerability has been resolved: net: fix net_dev_start_xmit trace event vs skb_transport_offset() After blamed commit, we must be more careful about using skb_transport_offset(), as reminded us by syzbot: WARNING: CP... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Information Disclosure

  • 0.0

    NA
    CVE-2023-53319

    In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm Currently there is no synchronisation between finalize_pkvm() and kvm_arm_init() initcalls. The finalize_pkvm() procee... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53323

    In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2_setsize when len is page aligned PAGE_ALIGN(x) macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply retur... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53322

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Wait for io return on terminate rport System crash due to use after free. Current code allows terminate_rport_io to exit before making sure all IOs has returned. For FCP-... Read more

    Affected Products : linux_kernel
    • Published: Sep. 16, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 4473 Results