Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2023-53543

    In the Linux kernel, the following vulnerability has been resolved: vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribut... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-50508

    In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt76x0: fix oob access in mt76x0_phy_get_target_power After 'commit ba45841ca5eb ("wifi: mt76: mt76x02: simplify struct mt76x02_rate_power")', mt76x02 relies on ht[0-7] rate... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53612

    In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Simplify platform device handling Coretemp's platform driver is unconventional. All the real work is done globally by the initcall and CPU hotplug notifiers, while the... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53607

    In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Fix BUG_ON in probe function The snd_dma_buffer.bytes field now contains the aligned size, which this snd_BUG_ON() did not account for, resulting in the following: [ 9... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53613

    In the Linux kernel, the following vulnerability has been resolved: dax: Fix dax_mapping_release() use after free A CONFIG_DEBUG_KOBJECT_RELEASE test of removing a device-dax region provider (like modprobe -r dax_hmem) yields: kobject: 'mapping0' (fff... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2025-58584

    In the HTTP request, the username and password are transferred directly in the URL as parameters. However, URLs can be stored in various systems such as server logs, browser histories or proxy servers. As a result, there is a high risk that this sensitive... Read more

    Affected Products :
    • Published: Oct. 06, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Information Disclosure

  • 6.3

    MEDIUM
    CVE-2025-11322

    A flaw has been found in Mangati NovoSGA up to 2.2.12. The impacted element is an unknown function of the file /novosga.users/new of the component User Creation Page. Executing manipulation of the argument Senha/Confirmação da senha can lead to weak passw... Read more

    Affected Products :
    • Published: Oct. 06, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2025-0608

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Logo Software Inc. Logo Cloud allows Phishing, Forceful Browsing.This issue affects Logo Cloud: before 2025.R6.... Read more

    Affected Products :
    • Published: Oct. 06, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Misconfiguration

  • 4.5

    MEDIUM
    CVE-2025-9913

    JavaScript can be ran inside the address bar via the dashboard "Open in new Tab" Button, making the application vulnerable to session hijacking.... Read more

    Affected Products :
    • Published: Oct. 06, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Cross-Site Scripting

  • 4.3

    MEDIUM
    CVE-2025-58581

    When an error occurs in the application a full stacktrace is provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker can thus obtain information about the technology used and the structure of t... Read more

    Affected Products :
    • Published: Oct. 06, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2025-58580

    An API endpoint allows arbitrary log entries to be created via POST request. Without sufficient validation of the input data, an attacker can create manipulated log entries and thus falsify or dilute logs, for example.... Read more

    Affected Products :
    • Published: Oct. 06, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Information Disclosure

  • 7.5

    HIGH
    CVE-2025-11316

    A vulnerability was determined in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected by this issue is the function findCategoryPage of the file findCategoryPage.do. Executing manipulation of the argument tenantId can lead to sql i... Read more

    Affected Products :
    • Published: Oct. 06, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2023-53615

    In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53611

    In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid 2707763... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53605

    In the Linux kernel, the following vulnerability has been resolved: drm: amd: display: Fix memory leakage This commit fixes memory leakage in dc_construct_ctx() function.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53600

    In the Linux kernel, the following vulnerability has been resolved: tunnels: fix kasan splat when generating ipv4 pmtu error If we try to emit an icmp error in response to a nonliner skb, we get BUG: KASAN: slab-out-of-bounds in ip_compute_csum+0x134/0... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53598

    In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range check CHDBOFF and ERDBOFF If the value read from the CHDBOFF and ERDBOFF registers is outside the range of the MHI register space then an invalid address might be ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53596

    In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devres_release_all() only gets called if the device has a bus and has been probed. This leads to iss... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53594

    In the Linux kernel, the following vulnerability has been resolved: driver core: fix resource leak in device_add() When calling kobject_add() failed in device_add(), it will call cleanup_glue_dir() to free resource. But in kobject_add(), dev->kobj.paren... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53589

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't trust firmware n_channels If the firmware sends us a corrupted MCC response with n_channels much larger than the command response can be, we might copy far too... Read more

    Affected Products : linux_kernel
    • Published: Oct. 04, 2025
    • Modified: Oct. 06, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 3936 Results