Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-24112

    The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a file may lead to an unexpected app termination.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Feb. 04, 2025

  • 5.5

    MEDIUM
    CVE-2025-24124

    The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected ap... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Jan. 27, 2025
    • Modified: Mar. 19, 2025

  • 5.5

    MEDIUM
    CVE-2025-24092

    This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read sensitive location information.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-24087

    The issue was addressed with additional permissions checks. This issue is fixed in macOS Sequoia 15.3. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Feb. 05, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-24184

    The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An app may be able to cause unexpected system termination.... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: May. 19, 2025
    • Modified: May. 28, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-24065

    Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.... Read more

    • Published: Jun. 10, 2025
    • Modified: Jul. 08, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-23418

    in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.... Read more

    Affected Products : openharmony
    • Published: Mar. 04, 2025
    • Modified: Mar. 04, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-23134

    In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Don't take register_mutex with copy_from/to_user() The infamous mmap_lock taken in copy_from/to_user() can be often problematic when it's called inside another mutex, as th... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2025-23137

    In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update Check if policy is NULL before dereferencing it in amd_pstate_update.... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2025-23136

    In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL check for adev Not all devices have an ACPI companion fwnode, so adev might be NULL. This is similar to the commit cd2fd6eab480 ("platform/x86: int3472: Check... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-22837

    in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer dereference.... Read more

    Affected Products : openharmony
    • Published: Mar. 04, 2025
    • Modified: Mar. 04, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-22897

    in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow.... Read more

    Affected Products : openharmony
    • Published: Mar. 04, 2025
    • Modified: Mar. 04, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-22886

    in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.... Read more

    Affected Products : openharmony
    • Published: May. 06, 2025
    • Modified: May. 09, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-22476

    Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with adjacent network access could potentially explo... Read more

    Affected Products :
    • Published: May. 06, 2025
    • Modified: May. 07, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2025-22134

    When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch ... Read more

    Affected Products : vim bootstrap_os hci_compute_node
    • Published: Jan. 13, 2025
    • Modified: Aug. 14, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-22081

    In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix a couple integer overflows on 32bit systems On 32bit systems the "off + sizeof(struct NTFS_DE)" addition can have an integer wrapping issue. Fix it by using size_add().... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-22066

    In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-card: Add NULL check in imx_card_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, imx_card_probe() does not check for this case, which results in... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-22070

    In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m defaul... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: May. 06, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-22054

    In the Linux kernel, the following vulnerability has been resolved: arcnet: Add NULL check in com20020pci_probe() devm_kasprintf() returns NULL when memory allocation fails. Currently, com20020pci_probe() does not check for this case, which results in a... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-22063

    In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlbl_conn_setattr(), addr->sa_family is used to determine the function behavior. If sk is an IPv4 s... Read more

    Affected Products : linux_kernel
    • Published: Apr. 16, 2025
    • Modified: Apr. 29, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 293582 Results