Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2021-39853

    Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an ap... Read more

    • Published: Sep. 29, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-39850

    Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an ap... Read more

    • Published: Sep. 29, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-3947

    A stack-buffer-overflow was found in QEMU in the NVME component. The flaw lies in nvme_changed_nslist() where a malicious guest controlling certain input can read out of bounds memory. A malicious user could use this flaw leading to disclosure of sensitiv... Read more

    Affected Products : qemu
    • Published: Feb. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-38926

    IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to gain privileges due to allowing modification of columns of existing tasks. IBM X-Force ID: 210321.... Read more

    • Published: Dec. 09, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-49557

    An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the yasm_section_bcs_first function in the libyasm/section.c component.... Read more

    Affected Products : yasm
    • Published: Jan. 03, 2024
    • Modified: Jun. 18, 2025

  • 5.5

    MEDIUM
    CVE-2023-49554

    Use After Free vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the do_directive function in the modules/preprocs/nasm/nasm-pp.c component.... Read more

    Affected Products : yasm
    • Published: Jan. 03, 2024
    • Modified: Jun. 18, 2025

  • 5.5

    MEDIUM
    CVE-2021-36938

    Windows Cryptographic Primitives Library Information Disclosure Vulnerability... Read more

    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-36060

    Adobe Media Encoder version 15.2 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this iss... Read more

    Affected Products : media_encoder windows
    • Published: Sep. 06, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-52705

    In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix underflow in second superblock position calculations Macro NILFS_SB2_OFFSET_BYTES, which computes the position of the second superblock, underflows when the argument device ... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Dec. 31, 2024

  • 5.5

    MEDIUM
    CVE-2025-43190

    A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to access sensi... Read more

    Affected Products : macos iphone_os watchos ipados visionos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2021-34976

    Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 07, 2024
    • Modified: Aug. 15, 2025

  • 5.5

    MEDIUM
    CVE-2025-31270

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-24197

    A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2023-52702

    In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovs_meter_cmd_set() old_meter needs to be free after it is detached regardless of whether the new meter is successfully attached.... Read more

    Affected Products : linux_kernel
    • Published: May. 21, 2024
    • Modified: Dec. 31, 2024

  • 5.5

    MEDIUM
    CVE-2023-22481

    FreshRSS is a self-hosted RSS feed aggregator. When using the greader API, the provided password is logged in clear in `users/_/log_api.txt` in the case where the authentication fails. The issues occurs in `authorizationToUser()` in `greader.php`. If ther... Read more

    Affected Products : freshrss
    • Published: Mar. 06, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-30950

    A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may bypass Gatekeeper checks.... Read more

    Affected Products : macos mac_os_x
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2007-1187

    WebAPP before 0.9.9.5 allows remote authenticated users, without admin privileges, to obtain sensitive information via (1) the Forum Archive feature and (2) Recent Searches.... Read more

    Affected Products : webapp
    • Published: Mar. 02, 2007
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2021-30941

    A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may disclose memo... Read more

    Affected Products : macos mac_os_x iphone_os ipados
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-30828

    This issue was addressed with improved checks. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A local user may be able to read arbitrary files as root.... Read more

    Affected Products : macos mac_os_x
    • Published: Oct. 19, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-30768

    A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. A sandboxed process may be able to circumvent sandbox restrictions.... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 294538 Results