Latest CVE Feed
-
5.5
MEDIUMCVE-2025-31726
Jenkins Stack Hammer Plugin 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.... Read more
Affected Products : stack_hammer- Published: Apr. 02, 2025
- Modified: Apr. 18, 2025
- Vuln Type: Misconfiguration
-
5.5
MEDIUMCVE-2025-31256
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user’s deleted notes.... Read more
Affected Products : macos- Published: May. 12, 2025
- Modified: May. 27, 2025
-
5.5
MEDIUMCVE-2025-31242
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to access sensitive user data.... Read more
- Published: May. 12, 2025
- Modified: May. 27, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2021-34973
Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this... Read more
- Published: May. 07, 2024
- Modified: Aug. 13, 2025
-
5.5
MEDIUMCVE-2025-30451
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data.... Read more
Affected Products : macos- Published: Mar. 31, 2025
- Modified: Apr. 04, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-30435
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.4. A sandboxed app may be able to access sensitive user data in system logs.... Read more
Affected Products : macos- Published: Mar. 31, 2025
- Modified: Apr. 04, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2021-34949
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this v... Read more
- Published: May. 07, 2024
- Modified: Aug. 13, 2025
-
5.5
MEDIUMCVE-2025-30319
InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption i... Read more
- Published: May. 13, 2025
- Modified: May. 14, 2025
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-30303
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of t... Read more
- Published: Apr. 08, 2025
- Modified: Apr. 11, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-30300
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial... Read more
- Published: Apr. 08, 2025
- Modified: Apr. 11, 2025
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-30291
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. A low privileged attacker with local access could leverage this vulnerability to gain access to ... Read more
Affected Products : coldfusion- Published: Apr. 08, 2025
- Modified: Apr. 21, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-29821
Improper input validation in Dynamics Business Central allows an authorized attacker to disclose information locally.... Read more
- Published: Apr. 08, 2025
- Modified: Aug. 12, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-29808
Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.... Read more
Affected Products : windows_server_2022- Published: Apr. 08, 2025
- Modified: Jul. 10, 2025
- Vuln Type: Cryptography
-
5.5
MEDIUMCVE-2025-2926
A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5O__cache_chk_serialize of the file src/H5Ocache.c. The manipulation leads to null pointer dereference. An attack has to be approached locally. ... Read more
Affected Products : hdf5- Published: Mar. 28, 2025
- Modified: Jul. 24, 2025
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-2924
A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overflow. It is possib... Read more
Affected Products : hdf5- Published: Mar. 28, 2025
- Modified: Jul. 24, 2025
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2021-34454
Windows Remote Access Connection Manager Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 +5 more products- EPSS Score: %0.44
- Published: Jul. 16, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2025-27170
Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of s... Read more
- Published: Mar. 11, 2025
- Modified: Mar. 31, 2025
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-27165
Substance3D - Stager versions 3.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.... Read more
- Published: Jul. 08, 2025
- Modified: Jul. 14, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2021-33910
basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.... Read more
Affected Products : fedora debian_linux hci_management_node solidfire systemd scalance_lpe9403_firmware- EPSS Score: %0.09
- Published: Jul. 20, 2021
- Modified: Jun. 09, 2025
-
5.5
MEDIUMCVE-2025-24282
A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system.... Read more
Affected Products : macos- Published: Mar. 31, 2025
- Modified: Apr. 04, 2025
- Vuln Type: Path Traversal