Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2023-53777

    In the Linux kernel, the following vulnerability has been resolved: erofs: kill hooked chains to avoid loops on deduplicated compressed images After heavily stressing EROFS with several images which include a hand-crafted image of repeated patterns for ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53832

    In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10_sync_request init_resync() inits mempool and sets conf->have_replacemnt at the beginning of sync, close_sync() frees the mempool when sync is com... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53846

    In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncate_dnode() syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fs_truncate_data_blocks_range+0x122a/0x14c0 fs/f2fs/file.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53863

    In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devices do not have a six bytes address [1] Replace ETH_ALEN by dev->addr_len. [1] (Case of... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Information Disclosure

  • 0.0

    NA
    CVE-2023-53785

    In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: don't assume adequate headroom for SDIO headers mt7921_usb_sdio_tx_prepare_skb() calls mt7921_usb_sdio_write_txwi() and mt7921_skb_add_usb_sdio_hdr(), both of which blindl... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Denial of Service

  • 0.0

    NA
    CVE-2023-53865

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix warning when putting transaction with qgroups enabled after abort If we have a transaction abort with qgroups enabled we get a warning triggered when doing the final put on t... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2022-50652

    In the Linux kernel, the following vulnerability has been resolved: uio: uio_dmem_genirq: Fix missing unlock in irq configuration Commit b74351287d4b ("uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()") started calling disable_irq(... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53813

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix rbtree traversal bug in ext4_mb_use_preallocated During allocations, while looking for preallocations(PA) in the per inode rbtree, we can't do a direct traversal of the tree b... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2022-50657

    In the Linux kernel, the following vulnerability has been resolved: riscv: mm: add missing memcpy in kasan_init Hi Atish, It seems that the panic is due to the missing memcpy during kasan_init. Could you please check whether this patch is helpful? Whe... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53855

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: ocelot: call dsa_tag_8021q_unregister() under rtnl_lock() on driver remove When the tagging protocol in current use is "ocelot-8021q" and we unbind the driver, we see this spl... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-40328

    In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_close_cached_fid() find_or_create_cached_dir() could grab a new reference after kref_put() had seen the refcount drop to zero but before cfid_list... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025

  • 0.0

    NA
    CVE-2023-53781

    In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in tcp_write_timer_handler(). With Eric's ref tracker, syzbot finally found a repro for use-after-free in tcp_write_timer_handler() by kernel TCP sockets. [0] I... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50670

    In the Linux kernel, the following vulnerability has been resolved: mmc: omap_hsmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_al... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53807

    In the Linux kernel, the following vulnerability has been resolved: clk: clocking-wizard: Fix Oops in clk_wzrd_register_divider() Smatch detected this potential error pointer dereference clk_wzrd_register_divider(). If devm_clk_hw_register() fails then... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53809

    In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register() When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2022-50676

    In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks() syzbot is reporting lockdep warning at rds_tcp_reset_callbacks() [1], for commit ac3615e7f3cffe2a ("RD... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2023-53804

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() During unmount process of nilfs2, nothing holds nilfs_root structure after nilfs2 detaches its writer in nilfs_detach... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53794

    In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2_reconnect_server(), because it will be released soon. Note that the exiti... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2022-50637

    In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut() If "cpu_dev" fails to get opp table in qcom_cpufreq_hw_read_lut(), the program will return, resulting in "table" resource... Read more

    Affected Products : linux_kernel
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025

  • 6.5

    MEDIUM
    CVE-2025-63037

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DFDevelopment Ronneby Theme Core ronneby-core allows DOM-Based XSS.This issue affects Ronneby Theme Core: from n/a through <= 1.5.68.... Read more

    Affected Products :
    • Published: Dec. 09, 2025
    • Modified: Dec. 09, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 4820 Results