Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2019-8730

    The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. This issue is fixed in macOS Catalina 10.15. A local user may be able to view a user’s locked notes.... Read more

    Affected Products : macos mac_os_x
    • EPSS Score: %0.12
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-53877

    NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause a NULL pointer exception by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial... Read more

    Affected Products : cuda_toolkit
    • Published: Feb. 25, 2025
    • Modified: Feb. 25, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2013-5164

    Multiple race conditions in the Phone app in Apple iOS before 7.0.3 allow physically proximate attackers to bypass the locked state, and dial the telephone numbers in arbitrary Contacts entries, by visiting the Contacts pane.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.05
    • Published: Oct. 24, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2022-47111

    7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected.... Read more

    Affected Products : 7-zip
    • Published: Apr. 19, 2025
    • Modified: Aug. 18, 2025

  • 3.3

    LOW
    CVE-2024-40830

    This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps.... Read more

    Affected Products : iphone_os ipados
    • Published: Sep. 17, 2024
    • Modified: Mar. 25, 2025

  • 3.3

    LOW
    CVE-2022-31072

    Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `r... Read more

    Affected Products : octokit octokit
    • EPSS Score: %0.02
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-4289

    epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries.... Read more

    • EPSS Score: %0.29
    • Published: Aug. 16, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2025-6646

    PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit ... Read more

    Affected Products : pdf-xchange_editor pdf-tools
    • Published: Jun. 25, 2025
    • Modified: Jul. 01, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-6641

    PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    Affected Products : pdf-xchange_editor pdf-tools
    • Published: Jun. 25, 2025
    • Modified: Jul. 01, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2023-3436

    Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream. ... Read more

    Affected Products : xpdf
    • EPSS Score: %0.01
    • Published: Jun. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-4352

    A consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions. This issue affected versions prior to iOS 12.... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.05
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-2213

    An issue was discovered in zenml-io/zenml versions up to and including 0.55.4. Due to improper authentication mechanisms, an attacker with access to an active user session can change the account password without needing to know the current password. This ... Read more

    Affected Products : zenml
    • Published: Jun. 06, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-1031

    Power Management in Apple Mac OS X before 10.8.5 does not properly perform locking upon occurrences of a power assertion, which allows physically proximate attackers to bypass intended access restrictions by visiting an unattended workstation on which a l... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %0.04
    • Published: Sep. 16, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2021-30875

    A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1. A local attacker may be able to view contacts from the lock screen.... Read more

    Affected Products : iphone_os ipados
    • EPSS Score: %0.05
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-48852

    In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind On bind we will register the HDMI codec device but we don't unregister it on unbind, leading to a device leakage. Unregister our device ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 16, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-17864

    kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."... Read more

    Affected Products : linux_kernel debian_linux
    • EPSS Score: %0.06
    • Published: Dec. 27, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2021-20239

    A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality.... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • EPSS Score: %0.09
    • Published: May. 28, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-4217

    A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.... Read more

    Affected Products : enterprise_linux fedora unzip
    • EPSS Score: %0.15
    • Published: Aug. 24, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-2478

    The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (applic... Read more

    Affected Products : debian_linux wireshark opensuse
    • EPSS Score: %1.45
    • Published: Mar. 07, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-2483

    The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid cou... Read more

    Affected Products : debian_linux wireshark opensuse
    • EPSS Score: %1.45
    • Published: Mar. 07, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291269 Results