Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2023-42054

    PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    • Published: May. 03, 2024
    • Modified: May. 16, 2025

  • 5.5

    MEDIUM
    CVE-2023-42049

    PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    • Published: May. 03, 2024
    • Modified: May. 16, 2025

  • 5.5

    MEDIUM
    CVE-2022-23194

    Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASL... Read more

    Affected Products : macos windows illustrator
    • EPSS Score: %2.04
    • Published: Feb. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-23190

    Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASL... Read more

    Affected Products : macos windows illustrator
    • EPSS Score: %2.04
    • Published: Feb. 16, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-42066

    PDF-XChange Editor J2K File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    • Published: May. 03, 2024
    • Modified: May. 16, 2025

  • 5.5

    MEDIUM
    CVE-2023-42052

    PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    • Published: May. 03, 2024
    • Modified: May. 16, 2025

  • 5.5

    MEDIUM
    CVE-2023-42056

    PDF-XChange Editor U3D File Parsing Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to ... Read more

    • Published: May. 03, 2024
    • Modified: May. 16, 2025

  • 5.5

    MEDIUM
    CVE-2023-42048

    PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to ... Read more

    • Published: May. 03, 2024
    • Modified: May. 16, 2025

  • 5.5

    MEDIUM
    CVE-2023-42046

    PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to ... Read more

    • Published: May. 03, 2024
    • Modified: May. 16, 2025

  • 5.5

    MEDIUM
    CVE-2018-9548

    In multiple functions of ContentProvider.java, there is a possible permission bypass due to a missing URI validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploi... Read more

    Affected Products : android
    • EPSS Score: %0.03
    • Published: Dec. 06, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-41996

    The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6. Apps that fail verification checks may still launch.... Read more

    Affected Products : macos
    • EPSS Score: %0.09
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-41991

    A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited agai... Read more

    Affected Products : macos iphone_os ipados
    • Actively Exploited
    • EPSS Score: %7.17
    • Published: Sep. 21, 2023
    • Modified: Feb. 10, 2025

  • 5.5

    MEDIUM
    CVE-2023-41986

    The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to modify protected parts of the file system.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.06
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-41980

    A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to bypass Privacy preferences.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.02
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-9452

    In getOffsetForHorizontal of Layout.java, there is a possible application hang due to a slow width calculation. This could lead to remote denial of service if a contact with many hidden unicode characters were sent to the device and used by a local app, w... Read more

    Affected Products : android
    • EPSS Score: %0.38
    • Published: Oct. 02, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-9454

    In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Produc... Read more

    Affected Products : android
    • EPSS Score: %0.10
    • Published: Nov. 06, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-9457

    In onCheckedChanged of BluetoothPairingController.java, there is a possible way to retrieve contact information due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction i... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Nov. 14, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-40959

    In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() ip6_dst_idev() can return NULL, xfrm6_get_saddr() must act accordingly. syzbot reported: Oops: general protection fault, ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 12, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-9421

    In writeInplace of Parcel.cpp, there is a possible information leak across processes, using Binder, due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed f... Read more

    Affected Products : android
    • Published: Nov. 19, 2024
    • Modified: Nov. 22, 2024

  • 5.5

    MEDIUM
    CVE-2018-9406

    In NlpService, there is a possible way to obtain location information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Jan. 18, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Authorization
Showing 20 of 292319 Results