Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2023-54019

    In the Linux kernel, the following vulnerability has been resolved: sched/psi: use kernfs polling functions for PSI trigger polling Destroying psi trigger in cgroup_file_release causes UAF issues when a cgroup is removed from under a polling process. Th... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Race Condition

  • 7.8

    HIGH
    CVE-2025-14488

    RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-14496

    RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Authorization

  • 0.0

    NA
    CVE-2023-54024

    In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy target device if coalesced MMIO unregistration fails Destroy and free the target coalesced MMIO device if unregistering said device fails. As clearly noted in the code, kv... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54028

    In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the error "trying to register non-static key in rxe_cleanup_task" In the function rxe_create_qp(), rxe_qp_from_init() is called to initialize qp, internally things like rx... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Memory Corruption

  • 9.8

    CRITICAL
    CVE-2025-14500

    IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The... Read more

    Affected Products : icewarp
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-13708

    Tencent NeuralNLP-NeuralClassifier _load_checkpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent NeuralNLP-NeuralClassifier... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-12839

    Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. Use... Read more

    Affected Products : openexr
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Memory Corruption

  • 4.5

    MEDIUM
    CVE-2025-13698

    Deciso OPNsense diag_backup.php filename Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Deciso OPNsense. Authentication is required to ... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Path Traversal

  • 7.5

    HIGH
    CVE-2025-11419

    A flaw was found in Keycloak. This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by repeatedly initiating TLS 1.2 client-initiated renegotiation requests to exhaust server CPU resources, making the service unav... Read more

    Affected Products : keycloak
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Denial of Service

  • 10.0

    CRITICAL
    CVE-2025-14931

    Hugging Face smolagents Remote Python Executor Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face smolagents. Authentication... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-14492

    RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-14497

    RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Authentication

  • 7.8

    HIGH
    CVE-2025-13707

    Tencent HunyuanDiT model_resume Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent HunyuanDiT. User interaction is required to ex... Read more

    Affected Products :
    • Published: Dec. 23, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54035

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix underflow in chain reference counter Set element addition error path decrements reference counter on chains twice: once on element release and again via nft_da... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-54031

    In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check The vdpa_nl_policy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attr... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Information Disclosure

  • 0.0

    NA
    CVE-2023-53995

    In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in __inet_del_ifa() I got the below warning when do fuzzing test: unregister_netdevice: waiting for bond0 to become free. Usage count = 2 It can be repoduced... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2023-53993

    In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix memory leak with CONFIG_DEBUG_OBJECTS=y After a pci_doe_task completes, its work_struct needs to be destroyed to avoid a memory leak with CONFIG_DEBUG_OBJECTS=y.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025

  • 0.0

    NA
    CVE-2023-53992

    In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don't leave if not joined If there's no OCB state, don't ask the driver/mac80211 to leave, since that's just confusing. Since set/clear the chandef state, that's a ... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025

  • 0.0

    NA
    CVE-2022-50704

    In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if the hardware does not support the ->pullup callback, or th... Read more

    Affected Products : linux_kernel
    • Published: Dec. 24, 2025
    • Modified: Dec. 29, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 4430 Results