Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2025-12705

    The Social Reviews & Recommendations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in the 'trim_text' function in all versions up to, and including, 2.5 due to insufficient input sanitization and output escaping.... Read more

    Affected Products :
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Cross-Site Scripting

  • 0.0

    NA
    CVE-2023-53787

    In the Linux kernel, the following vulnerability has been resolved: regulator: da9063: fix null pointer deref with partial DT config When some of the da9063 regulators do not have corresponding DT nodes a null pointer dereference occurs on boot because ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53789

    In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Improve page fault error reporting If IOMMU domain for device group is not setup properly then we may hit IOMMU page fault. Current page fault handler assumes that domain is ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53792

    In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_ctrl_secret Free dhchap_secret in nvme_ctrl_dhchap_ctrl_secret_store() before we return when nvme_auth_generate_key() returns error.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2025-10876

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TalentSoft Software e-BAP Automation allows Cross-Site Scripting (XSS).This issue affects e-BAP Automation: from 1.8.96 before v.41815.... Read more

    Affected Products :
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Cross-Site Scripting

  • 8.6

    HIGH
    CVE-2025-13428

    A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution (RCE) in the server. The flaw stemmed from weak validation of uploaded Python package code.... Read more

    Affected Products :
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Injection

  • 0.0

    NA
    CVE-2023-53836

    In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the sk_psock_backlog can be referenced after userspace side has already skb_consumed() the sk_bu... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53829

    In the Linux kernel, the following vulnerability has been resolved: f2fs: flush inode if atomic file is aborted Let's flush the inode being aborted atomic operation to avoid stale dirty inode during eviction in this call stack: f2fs_mark_inode_dirty_... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53830

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmi_setting(), the result has to be freed using kfree(). In current_value_show(... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50679

    In the Linux kernel, the following vulnerability has been resolved: i40e: Fix DMA mappings leak During reallocation of RX buffers, new DMA mappings are created for those buffers. steps for reproduction: while : do for ((i=0; i<=8160; i=i+32)) do ethtoo... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53843

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs in an xarray")) refactored the handling of pre-assigned ifindexes and let ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2023-53846

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncate_dnode() syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fs_truncate_data_blocks_range+0x122a/0x14c0 fs/f2fs/file.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50652

    In the Linux kernel, the following vulnerability has been resolved: uio: uio_dmem_genirq: Fix missing unlock in irq configuration Commit b74351287d4b ("uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()") started calling disable_irq(... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-40327

    In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix system hang caused by cpu-clock usage cpu-clock usage by the async-profiler tool can trigger a system hang, which got bisected back to the following commit by Octavia Tog... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Denial of Service

  • 9.3

    CRITICAL
    CVE-2025-14310

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in rethinkdb.This issue affects rethinkdb: before 2.4.4.... Read more

    Affected Products :
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53828

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor() KSAN reports use-after-free in hci_add_adv_monitor(). While adding an adv monitor, hci_add_adv_monitor() ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53825

    In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg(). syzkaller found a memory leak in kcm_sendmsg(), and commit c821a88bd720 ("kcm: Fix memory leak in error path of kcm_sendmsg()") ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53823

    In the Linux kernel, the following vulnerability has been resolved: block/rq_qos: protect rq_qos apis with a new lock commit 50e34d78815e ("block: disable the elevator int del_gendisk") move rq_qos_exit() from disk_release() to del_gendisk(), this will ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2022-50677

    In the Linux kernel, the following vulnerability has been resolved: ipmi: fix use after free in _ipmi_destroy_user() The intf_free() function frees the "intf" pointer so we cannot dereference it again on the next line.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53782

    In the Linux kernel, the following vulnerability has been resolved: dccp: Fix out of bounds access in DCCP error handler There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 5224 Results