Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2023-54278

    In the Linux kernel, the following vulnerability has been resolved: s390/vmem: split pages when debug pagealloc is enabled Since commit bb1520d581a3 ("s390/mm: start kernel with DAT enabled") the kernel crashes early during boot when debug pagealloc is ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-54262

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't clone flow post action attributes second time The code already clones post action attributes in mlx5e_clone_flow_attr_for_post_act(). Creating another copy in mlx5e_tc_... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54233

    In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .module_info field won't be set, then sof_ipc4_route_setup() will ca... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54236

    In the Linux kernel, the following vulnerability has been resolved: net/net_failover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet is transmitted from the failover device firstly, the failover device will select the q... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-54223

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDP_REDIRECT path... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54222

    In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id() The "map_sz" is the number of elements in the "m" array so the > comparison needs to be changed to >= to prevent an out of b... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 1.2

    LOW
    CVE-2025-69210

    FacturaScripts is open-source enterprise resource planning and accounting software. Prior to version 2025.7, a stored cross-site scripting (XSS) vulnerability exists in the product file upload functionality. Authenticated users can upload crafted XML file... Read more

    Affected Products : facturascripts
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Cross-Site Scripting

  • 0.0

    NA
    CVE-2023-54253

    In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after read_folio in relocate_one_page One of the CI runs triggered the following panic assertion failed: PagePrivate(page) && page->private, in fs/btrfs... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54250

    In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decode_preauth_ctxt() Confirm that the accessed pneg_ctxt->HashAlgorithms address sits within the SMB request boundary; deassemble_neg_contexts() on... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54247

    In the Linux kernel, the following vulnerability has been resolved: bpf: Silence a warning in btf_type_id_size() syzbot reported a warning in [1] with the following stacktrace: WARNING: CPU: 0 PID: 5005 at kernel/bpf/btf.c:1988 btf_type_id_size+0x2d9/... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025

  • 7.5

    HIGH
    CVE-2022-50692

    SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an insufficient session expiration vulnerability that allows attackers to reuse old session credentials. Attackers can exploit weak session management to potentially hijack active user sessions ... Read more

    Affected Products : stream
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Authentication

  • 0.0

    NA
    CVE-2023-54317

    In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the function __blkdev_issue_zero_pages submits a write bio with the bio vector pointing to the ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-54314

    In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005_i2c_xfer In af9005_i2c_xfer, msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54284

    In the Linux kernel, the following vulnerability has been resolved: media: av7110: prevent underflow in write_ts_to_decoder() The buf[4] value comes from the user via ts_play(). It is a value in the u8 range. The final length we pass to av7110_ipack_i... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54214

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to allocate a buffer calling alloc_skb which may release the chan lock and reacquire later whi... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54310

    In the Linux kernel, the following vulnerability has been resolved: scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition mptlan_probe() calls mpt_register_lan_device() which initializes the &priv->post_buckets_task work... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-54279

    In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fw_getenv will use env entry to determine style of env, however it is legal for firmware to just pass a empty list. Check if first entry ex... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54265

    In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix an uninit variable access bug in __ip6_make_skb() Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in arch_a... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54260

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbd_destroy() will directly return, then the conn... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54220

    In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port->pm on uart_change_pm() Unloading a hardware specific 8250 driver can produce error "Unable to handle kernel paging request at virtual address" about ten... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 4404 Results