Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2025-39772

    In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmc_unload to free the resource, but the mutexes in mode.config are not init, which will ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39768

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix complex rules rehash error flow Moving rules from matcher to matcher should not fail. However, if it does fail due to various reasons, the error flow should allow the... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Denial of Service

  • 5.1

    MEDIUM
    CVE-2025-10273

    A vulnerability was identified in erjinzhi 10OA 1.0. Affected by this vulnerability is an unknown functionality of the file /view/file.aspx. Such manipulation of the argument File leads to path traversal. The exploit is publicly available and might be use... Read more

    Affected Products :
    • Published: Sep. 12, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Path Traversal

  • 0.0

    NA
    CVE-2025-39761

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Decrement TID on RX peer frag setup error handling Currently, TID is not decremented before peer cleanup, during error handling path of ath12k_dp_rx_peer_frag_setup(). Thi... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39757

    In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit wi... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39752

    In the Linux kernel, the following vulnerability has been resolved: ARM: rockchip: fix kernel hang during smp initialization In order to bring up secondary CPUs main CPU write trampoline code to SRAM. The trampoline code is written while secondary CPUs ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-39750

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Correct tid cleanup when tid setup fails Currently, if any error occurs during ath12k_dp_rx_peer_tid_setup(), the tid value is already incremented, even though the corresp... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39741

    In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: don't overflow max copy size With non-page aligned copy, we need to use 4 byte aligned pitch, however the size itself might still be close to our maximum of ~8M, and so ... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2025-43788

    The organization selector in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q1.1 through 2024.Q1.12 and 7.4 update 81 through update 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizat... Read more

    Affected Products : liferay_portal dxp
    • Published: Sep. 12, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Authorization

  • 0.0

    NA
    CVE-2025-39763

    In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered If a synchronous error is detected as a result of user-space process triggering a 2-bit uncorrected err... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39790

    In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointe... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2025-10272

    A vulnerability was determined in erjinzhi 10OA 1.0. Affected is an unknown function of the file /trial/mvc/catalogue. This manipulation of the argument Name causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly ... Read more

    Affected Products :
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Cross-Site Scripting

  • 9.6

    CRITICAL
    CVE-2025-59053

    AIRI is a self-hosted, artificial intelligence based Grok Companion. In v0.7.2-beta.2 in the `packages/stage-ui/src/components/MarkdownRenderer.vue` path, the Markdown content is processed using the useMarkdown composable, and the processed HTML is render... Read more

    Affected Products :
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Cross-Site Scripting

  • 0.0

    NA
    CVE-2025-39770

    In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM When performing Generic Segmentation Offload (GSO) on an IPv6 packet that contains extension headers, the kernel... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-39754

    In the Linux kernel, the following vulnerability has been resolved: mm/smaps: fix race between smaps_hugetlb_range and migration smaps_hugetlb_range() handles the pte without holdling ptl, and may be concurrenct with migration, leaing to BUG_ON in pfn_s... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-39758

    In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages Ever since commit c2ff29e99a76 ("siw: Inline do_tcp_sendpages()"), we have been doing this: static int siw_tcp_sendpages(struc... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39751

    In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control The 'sprintf' call in 'add_tuning_control' may exceed the 44-byte buffer if either string argument is too long. This triggers... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39746

    In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: shutdown driver when hardware is unreliable In rare cases, ath10k may lose connection with the PCIe bus due to some unknown reasons, which could further lead to system cra... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-39747

    In the Linux kernel, the following vulnerability has been resolved: drm/msm: Add error handling for krealloc in metadata setup Function msm_ioctl_gem_info_set_metadata() now checks for krealloc failure and returns -ENOMEM, avoiding potential NULL pointe... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-39762

    In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: add null check [WHY] Prevents null pointer dereferences to enhance function robustness [HOW] Adds early null check and return false if invalid.... Read more

    Affected Products : linux_kernel
    • Published: Sep. 11, 2025
    • Modified: Sep. 15, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 4493 Results