Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2023-40395

    The issue was addressed with improved handling of caches. This issue is fixed in tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access contacts.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.02
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-1594

    epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.... Read more

    Affected Products : wireshark
    • EPSS Score: %0.25
    • Published: Apr. 11, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-40427

    The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.03
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-40439

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.06
    • Published: Jan. 10, 2024
    • Modified: Jun. 11, 2025

  • 3.3

    LOW
    CVE-2023-40520

    The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to access edited photos saved to a temporary directory.... Read more

    Affected Products : iphone_os tvos watchos ipados
    • EPSS Score: %0.03
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-41065

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • EPSS Score: %0.03
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-3725

    The DNAv4 protocol implementation in the DHCP component in Apple iOS before 6 sends Wi-Fi packets containing a MAC address of a host on a previously used network, which might allow remote attackers to obtain sensitive information about previous device loc... Read more

    Affected Products : iphone_os
    • EPSS Score: %0.14
    • Published: Sep. 20, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2022-42834

    An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compressi... Read more

    Affected Products : macos
    • EPSS Score: %0.03
    • Published: Jun. 23, 2023
    • Modified: Dec. 10, 2024

  • 3.3

    LOW
    CVE-2012-2392

    Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.... Read more

    Affected Products : wireshark
    • EPSS Score: %3.30
    • Published: Jun. 30, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-23493

    A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password.... Read more

    Affected Products : macos
    • EPSS Score: %0.02
    • Published: Feb. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-44290

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1. An app may be able to determine a user’s current location.... Read more

    Affected Products : iphone_os watchos ipados
    • Published: Dec. 12, 2024
    • Modified: Dec. 16, 2024

  • 3.3

    LOW
    CVE-2023-38106

    Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit ... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 12, 2025

  • 3.3

    LOW
    CVE-2022-42839

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os ipados
    • EPSS Score: %0.08
    • Published: Jan. 10, 2024
    • Modified: Apr. 17, 2025

  • 3.3

    LOW
    CVE-2024-44222

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to read sensitive location information.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Oct. 30, 2024

  • 3.3

    LOW
    CVE-2014-6060

    The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed... Read more

    Affected Products : android dhcpcd
    • EPSS Score: %0.16
    • Published: Sep. 04, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2019-17264

    In libyal liblnk before 20191006, liblnk_location_information_read_data in liblnk_location_information.c has a heap-based buffer over-read because an incorrect variable name is used for a certain offset. NOTE: the vendor has disputed this as described in ... Read more

    Affected Products : liblnk
    • EPSS Score: %0.06
    • Published: Oct. 06, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-34406

    An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) 6 head units. To perform this attack, local access to USB interface of the car is needed. With pr... Read more

    • Published: Feb. 13, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2024-50564

    A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged user to decrypt interprocess communication via monitoring named piped.... Read more

    Affected Products : forticlient
    • Published: Jan. 14, 2025
    • Modified: Jun. 11, 2025
    • Vuln Type: Cryptography

  • 3.3

    LOW
    CVE-2024-28584

    Null Pointer Dereference vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the J2KImageToFIBITMAP() function when reading images in J2K format.... Read more

    Affected Products : freeimage
    • Published: Mar. 20, 2024
    • Modified: Mar. 28, 2025

  • 3.3

    LOW
    CVE-2022-1249

    A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. The function fails to handle the NULL pwdata invocation from daemon.c, which leads to an explicit NULL dereference and crash on all attempts to daem... Read more

    Affected Products : pesign
    • EPSS Score: %0.13
    • Published: Apr. 29, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 292044 Results