Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 5.5

    MEDIUM
    CVE-2025-31726

    Jenkins Stack Hammer Plugin 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.... Read more

    Affected Products : stack_hammer
    • Published: Apr. 02, 2025
    • Modified: Apr. 18, 2025
    • Vuln Type: Misconfiguration
  • 5.5

    MEDIUM
    CVE-2025-31256

    The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user’s deleted notes.... Read more

    Affected Products : macos
    • Published: May. 12, 2025
    • Modified: May. 27, 2025
  • 5.5

    MEDIUM
    CVE-2025-31242

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to access sensitive user data.... Read more

    Affected Products : macos ipados
    • Published: May. 12, 2025
    • Modified: May. 27, 2025
    • Vuln Type: Information Disclosure
  • 5.5

    MEDIUM
    CVE-2021-34973

    Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 07, 2024
    • Modified: Aug. 13, 2025
  • 5.5

    MEDIUM
    CVE-2025-30451

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Mar. 31, 2025
    • Modified: Apr. 04, 2025
    • Vuln Type: Information Disclosure
  • 5.5

    MEDIUM
    CVE-2025-30435

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.4. A sandboxed app may be able to access sensitive user data in system logs.... Read more

    Affected Products : macos
    • Published: Mar. 31, 2025
    • Modified: Apr. 04, 2025
    • Vuln Type: Information Disclosure
  • 5.5

    MEDIUM
    CVE-2021-34949

    Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this v... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 07, 2024
    • Modified: Aug. 13, 2025
  • 5.5

    MEDIUM
    CVE-2025-30319

    InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption i... Read more

    Affected Products : macos windows indesign
    • Published: May. 13, 2025
    • Modified: May. 14, 2025
    • Vuln Type: Denial of Service
  • 5.5

    MEDIUM
    CVE-2025-30303

    Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of t... Read more

    Affected Products : windows framemaker
    • Published: Apr. 08, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Information Disclosure
  • 5.5

    MEDIUM
    CVE-2025-30300

    Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial... Read more

    Affected Products : windows framemaker
    • Published: Apr. 08, 2025
    • Modified: Apr. 11, 2025
    • Vuln Type: Denial of Service
  • 5.5

    MEDIUM
    CVE-2025-30291

    ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. A low privileged attacker with local access could leverage this vulnerability to gain access to ... Read more

    Affected Products : coldfusion
    • Published: Apr. 08, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Information Disclosure
  • 5.5

    MEDIUM
    • Published: Apr. 08, 2025
    • Modified: Aug. 12, 2025
    • Vuln Type: Information Disclosure
  • 5.5

    MEDIUM
    CVE-2025-29808

    Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.... Read more

    Affected Products : windows_server_2022
    • Published: Apr. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Cryptography
  • 5.5

    MEDIUM
    CVE-2025-2926

    A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5O__cache_chk_serialize of the file src/H5Ocache.c. The manipulation leads to null pointer dereference. An attack has to be approached locally. ... Read more

    Affected Products : hdf5
    • Published: Mar. 28, 2025
    • Modified: Jul. 24, 2025
    • Vuln Type: Memory Corruption
  • 5.5

    MEDIUM
    CVE-2025-2924

    A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overflow. It is possib... Read more

    Affected Products : hdf5
    • Published: Mar. 28, 2025
    • Modified: Jul. 24, 2025
    • Vuln Type: Memory Corruption
  • 5.5

    MEDIUM
    CVE-2021-34454

    Windows Remote Access Connection Manager Information Disclosure Vulnerability... Read more

    • EPSS Score: %0.44
    • Published: Jul. 16, 2021
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2025-27170

    Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of s... Read more

    Affected Products : macos windows illustrator
    • Published: Mar. 11, 2025
    • Modified: Mar. 31, 2025
    • Vuln Type: Denial of Service
  • 5.5

    MEDIUM
    CVE-2025-27165

    Substance3D - Stager versions 3.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.... Read more

    Affected Products : macos windows substance_3d_stager
    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Information Disclosure
  • 5.5

    MEDIUM
    CVE-2021-33910

    basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.... Read more

    • EPSS Score: %0.09
    • Published: Jul. 20, 2021
    • Modified: Jun. 09, 2025
  • 5.5

    MEDIUM
    CVE-2025-24282

    A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system.... Read more

    Affected Products : macos
    • Published: Mar. 31, 2025
    • Modified: Apr. 04, 2025
    • Vuln Type: Path Traversal
Showing 20 of 291520 Results