Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-58286

    Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Oct. 11, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-60360

    radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init.... Read more

    Affected Products : radare2
    • Published: Oct. 17, 2025
    • Modified: Oct. 23, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-58285

    Permission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Oct. 11, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-59229

    Uncaught exception in Microsoft Office allows an unauthorized attacker to deny service locally.... Read more

    • Published: Oct. 14, 2025
    • Modified: Oct. 28, 2025

  • 5.5

    MEDIUM
    CVE-2025-58282

    Permission control vulnerability in the camera module. Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Oct. 11, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-58290

    Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Oct. 11, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-55683

    Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.... Read more

    • Published: Oct. 14, 2025
    • Modified: Oct. 27, 2025

  • 5.5

    MEDIUM
    CVE-2025-35981

    Exposure of Private Personal Information to an Unauthorized Actor (CWE-359) in the Command Centre Server allows a privileged Operator to view limited personal data about a Cardholder they would not normally have permissions to view. This issue affects C... Read more

    Affected Products :
    • Published: Oct. 23, 2025
    • Modified: Oct. 27, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-47979

    Insertion of sensitive information into log file in Windows Failover Cluster allows an authorized attacker to disclose information locally.... Read more

    • Published: Oct. 14, 2025
    • Modified: Oct. 20, 2025

  • 5.5

    MEDIUM
    CVE-2025-59209

    Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core allows an authorized attacker to disclose information locally.... Read more

    • Published: Oct. 14, 2025
    • Modified: Oct. 17, 2025

  • 5.5

    MEDIUM
    CVE-2025-60359

    radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new.... Read more

    Affected Products : radare2
    • Published: Oct. 17, 2025
    • Modified: Oct. 23, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-20722

    In gnss driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: A... Read more

    Affected Products : android openwrt rdk-b mt6835 mt6878 mt6886 mt6897 mt6980d mt6985 mt6989 +9 more products
    • Published: Oct. 14, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-33177

    NVIDIA Jetson Linux and IGX OS contain a vulnerability in NvMap, where improper tracking of memory allocations could allow a local attacker to cause memory overallocation. A successful exploitation of this vulnerability might lead to denial of service.... Read more

    Affected Products :
    • Published: Oct. 14, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-10986

    Path traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to write data in unintended locations on disk.... Read more

    Affected Products : endpoint_manager_mobile
    • Published: Oct. 14, 2025
    • Modified: Oct. 15, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2025-59419

    Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\r... Read more

    Affected Products : netty
    • Published: Oct. 15, 2025
    • Modified: Oct. 17, 2025
    • Vuln Type: Injection

  • 5.5

    MEDIUM
    CVE-2025-55676

    Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally.... Read more

    • Published: Oct. 14, 2025
    • Modified: Oct. 24, 2025

  • 5.5

    MEDIUM
    CVE-2025-59253

    Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally.... Read more

    • Published: Oct. 14, 2025
    • Modified: Oct. 17, 2025

  • 5.5

    MEDIUM
    CVE-2025-11840

    A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to t... Read more

    Affected Products : binutils
    • Published: Oct. 16, 2025
    • Modified: Oct. 23, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-54275

    Substance3D - Viewer versions 0.25.2 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to crash the application or make it unavailable. Exploita... Read more

    Affected Products : substance_3d_viewer
    • Published: Oct. 14, 2025
    • Modified: Oct. 14, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-43282

    A double free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, watchOS 11.6, tvOS 18.6, visionOS 2.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7, iPadOS 17.7.9. An app may be able to ... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Oct. 15, 2025
    • Modified: Oct. 16, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 3691 Results