Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-34127

    InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of... Read more

    Affected Products : macos windows indesign
    • Published: Aug. 14, 2024
    • Modified: Sep. 16, 2024

  • 5.5

    MEDIUM
    CVE-2024-34125

    Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requi... Read more

    Affected Products : dimension
    • Published: Aug. 14, 2024
    • Modified: Aug. 19, 2024

  • 5.5

    MEDIUM
    CVE-2023-4720

    Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV.... Read more

    Affected Products : gpac
    • Published: Sep. 01, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-30066

    Winlogon Elevation of Privilege Vulnerability... Read more

    • Published: Jun. 11, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-30065

    Windows Themes Denial of Service Vulnerability... Read more

    • Published: Jun. 11, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-27873

    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Processing a maliciously crafted vide... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jul. 29, 2024
    • Modified: Mar. 13, 2025

  • 5.5

    MEDIUM
    CVE-2024-27872

    This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sonoma 14.6. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Jul. 29, 2024
    • Modified: Mar. 14, 2025

  • 5.5

    MEDIUM
    CVE-2024-26971

    In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq5018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2025-59342

    esm.sh is a nobuild content delivery network(CDN) for modern web development. In 136 and earlier, a path-traversal flaw in the handling of the X-Zone-Id HTTP header allows an attacker to cause the application to write files outside the intended storage lo... Read more

    Affected Products :
    • Published: Sep. 17, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2024-26181

    Windows Kernel Denial of Service Vulnerability... Read more

    • Published: Mar. 12, 2024
    • Modified: Dec. 27, 2024

  • 5.5

    MEDIUM
    CVE-2025-53769

    External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.... Read more

    Affected Products : windows_security_app
    • Published: Aug. 12, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2025-53136

    Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an authorized attacker to disclose information locally.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2024-20796

    Animate versions 23.0.4, 24.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue... Read more

    Affected Products : macos windows animate
    • Published: Apr. 11, 2024
    • Modified: Dec. 04, 2024

  • 5.5

    MEDIUM
    CVE-2022-48722

    In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking skb's Upon error the ieee802154_xmit_complete() helper is not called. Only ieee802154_wake_queue() is called manually. We then leak the skb structu... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2022-48713

    In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fix crash with stop filters in single-range mode Add a check for !buf->single before calling pt_buffer_region_size in a place where a missing check can cause a kernel... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2022-48711

    In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipc_mon_rcv() allows a node to receive and process domain_record structs from peer nodes to track their views of... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-38637

    In the Linux kernel, the following vulnerability has been resolved: greybus: lights: check return of get_channel_from_mode If channel for the given node is not found we return null from get_channel_from_mode. Make sure we validate the return pointer bef... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-37356

    In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). In dctcp_update_alpha(), we use a module parameter dctcp_shift_g as follows: alpha -= min_not_zero(alpha, alpha >> dctcp_shift_g... Read more

    Affected Products : linux_kernel
    • Published: Jun. 21, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2022-48763

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMM state via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVEN... Read more

    Affected Products : linux_kernel
    • Published: Jun. 20, 2024
    • Modified: Sep. 17, 2025

  • 5.5

    MEDIUM
    CVE-2024-0098

    NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user can cause a clear-text transmission of sensitive information issue by data sniffing. A successful exploit of this vulnerability might lead to information discl... Read more

    Affected Products : windows chatrtx
    • Published: May. 14, 2024
    • Modified: Sep. 17, 2025
Showing 20 of 294513 Results