Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2025-54811

    OpenPLC_V3 has a vulnerability in the enipThread function that occurs due to the lack of a return value. This leads to a crash when the server loop ends and execution hits an illegal ud2 instruction. This issue can be triggered remotely without authentica... Read more

    Affected Products :
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Denial of Service

  • 9.8

    CRITICAL
    CVE-2025-9697

    The Ajax WooSearch WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection... Read more

    Affected Products :
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-61690

    KV STUDIO versions 12.23 and prior contain a buffer underflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.... Read more

    Affected Products : kv_studio
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Memory Corruption

  • 6.9

    MEDIUM
    CVE-2025-53881

    A UNIX Symbolic Link (Symlink) Following vulnerability in logrotate config in the exim package allowed privilege escalation from mail user/group to root.This issue affects Tumbleweed: from ? before 4.98.2-lp156.248.1.... Read more

    Affected Products : mirrorcache
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Path Traversal

  • 0.0

    NA
    CVE-2023-53499

    In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix error unwinding of XDP initialization When initializing XDP in virtnet_open(), some rq xdp initialization may hit an error causing net device open failed. However, previ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025

  • 0.0

    NA
    CVE-2023-53500

    In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decode_session6 When the xfrm device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53501

    In the Linux kernel, the following vulnerability has been resolved: iommu/amd/iommu_v2: Fix pasid_state refcount dec hit 0 warning on pasid unbind When unbinding pasid - a race condition exists vs outstanding page faults. To prevent this, the pasid_sta... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53505

    In the Linux kernel, the following vulnerability has been resolved: clk: tegra: tegra124-emc: Fix potential memory leak The tegra and tegra needs to be freed in the error handling path, otherwise it will be leaked.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53508

    In the Linux kernel, the following vulnerability has been resolved: ublk: fail to start device if queue setup is interrupted In ublk_ctrl_start_dev(), if wait_for_completion_interruptible() is interrupted by signal, queues aren't setup successfully yet,... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53509

    In the Linux kernel, the following vulnerability has been resolved: qed: allow sleep in qed_mcp_trace_dump() By default, qed_mcp_cmd_and_union() delays 10us at a time in a loop that can run 500K times, so calls to qed_mcp_nvm_rd_cmd() may block the curr... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2023-53510

    In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp->cmd ufshcd_queuecommand() may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2023-53514

    In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix memory leak of device names The device names allocated by dev_set_name() need be freed before module unloading, but they can not be freed because the kobject's refcount... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-23297

    NVIDIA Installer for NvAPP for Windows contains a vulnerability in the FrameviewSDK installation process, where an attacker with local unprivileged access could modify files in the Frameview SDK directory. A successful exploit of this vulnerability might ... Read more

    Affected Products :
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Path Traversal

  • 0.0

    NA
    CVE-2023-53515

    In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vm_dev vm_dev has a separate lifecycle because it has a 'struct device' embedded. Thus, having a release callback for it is correct. Allocating th... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53516

    In the Linux kernel, the following vulnerability has been resolved: macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF The previous commit 954d1fa1ac93 ("macvlan: Add netlink attribute for broadcast cutoff") added one additional attribute name... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53518

    In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix leak in devfreq_dev_release() srcu_init_notifier_head() allocates resources that need to be released with a srcu_cleanup_notifier_head() call. Reported by kmemleak.... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025

  • 5.1

    MEDIUM
    CVE-2025-41010

    Incorrect Cross-Origin Resource Sharing (CORS) configuration in Hiberus Sintra. Cross-Origin Resource Sharing (CORS) allows browsers to make cross-domain requests in a controlled manner. This request has an “Origin” header that identifies the domain makin... Read more

    Affected Products :
    • Published: Oct. 02, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53519

    In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: add lock to protect parameter num_rdy Getting below error when using KCSAN to check the driver. Adding lock to protect parameter num_rdy when getting the value with... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53520

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hci_suspend_sync crash If hci_unregister_dev() frees the hci_dev object but hci_suspend_notifier may still be accessing it, it can cause the program to crash. Here's the ... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53521

    In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() A fix for: BUG: KASAN: slab-out-of-bounds in ses_intf_remove+0x23f/0x270 [ses] Read of size 8 at addr ffff88a10d32e5d8 by task rm... Read more

    Affected Products : linux_kernel
    • Published: Oct. 01, 2025
    • Modified: Oct. 02, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 4068 Results