Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2023-53794

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2_reconnect_server(), because it will be released soon. Note that the exiti... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53804

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() During unmount process of nilfs2, nothing holds nilfs_root structure after nilfs2 detaches its writer in nilfs_detach... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53848

    In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") introduce a new problem: // caller hold reconfig_mutex r5l... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53849

    In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix workqueue leak on bind errors Make sure to destroy the workqueue also in case of early errors during bind (e.g. a subcomponent failing to bind). Since commit c3b790ea07a1 ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-40330

    In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Shutdown FW DMA in bnxt_shutdown() The netif_close() call in bnxt_shutdown() only stops packet DMA. There may be FW DMA for trace logging (recently added) that will continue. ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-40337

    In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Correctly handle Rx checksum offload errors The stmmac_rx function would previously set skb->ip_summed to CHECKSUM_UNNECESSARY if hardware checksum offload (CoE) was enable... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-40343

    In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: avoid scheduling association deletion twice When forcefully shutting down a port via the configfs interface, nvmet_port_subsys_drop_link() first calls nvmet_port_del_ctrls() a... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-68253

    In the Linux kernel, the following vulnerability has been resolved: mm: don't spin in add_stack_record when gfp flags don't allow syzbot was able to find the following path: add_stack_record_to_list mm/page_owner.c:182 [inline] inc_stack_record_coun... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-68212

    In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized 'offp' in statmount_string() In statmount_string(), most flags assign an output offset pointer (offp) which is later updated with the string offset. However, the S... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-69034

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Lekker lekker allows PHP Local File Inclusion.This issue affects Lekker: from n/a through <= 1.8.... Read more

    Affected Products :
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Path Traversal

  • 0.0

    NA
    CVE-2025-68200

    In the Linux kernel, the following vulnerability has been resolved: bpf: Add bpf_prog_run_data_pointers() syzbot found that cls_bpf_classify() is able to change tc_skb_cb(skb)->drop_reason triggering a warning in sk_skb_reason_drop(). WARNING: CPU: 0 P... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-68175

    In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Fix streaming cleanup on release The current implementation unconditionally calls mxc_isi_video_cleanup_streaming() in mxc_isi_video_release(). This can lead to si... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2025-40348

    In the Linux kernel, the following vulnerability has been resolved: slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts If two competing threads enter alloc_slab_obj_exts() and one of them fails to allocate the object extension vector, it might ov... Read more

    Affected Products : linux_kernel
    • Published: Dec. 16, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53799

    In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in crypto_destroy_instance The function crypto_drop_spawn expects to be called in process context. However, when an instance is unregistered while it still... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53801

    In the Linux kernel, the following vulnerability has been resolved: iommu/sprd: Release dma buffer to avoid memory leak When attaching to a domain, the driver would alloc a DMA buffer which is used to store address mapping table, and it need to be relea... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-69032

    Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes FiveStar fivestar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiveStar: from n/a through <= 1.7.... Read more

    Affected Products :
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Authorization

  • 0.0

    NA
    CVE-2022-50784

    In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone If cloning the SKB fails, don't try to use it, but rather return as if we should pass it. Coverity CID: 1503456... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54206

    In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The cited commit moved idr initialization too early in fl_change() which allows concurrent users to access the filter that is still bein... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2022-50823

    In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra114_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. A... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50828

    In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fix stack-out-of-bounds in strncpy` "BUG: KASAN: stack-out-of-bounds in strncpy+0x30/0x68" Linux-ATF interface is using 16 bytes of SMC payload. In case clock name is long... Read more

    Affected Products : linux_kernel
    • Published: Dec. 30, 2025
    • Modified: Dec. 31, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 5264 Results