Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2019-10433

    Jenkins Dingding[钉钉] Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.... Read more

    Affected Products : dingding
    • Published: Oct. 01, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-23493

    A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password.... Read more

    Affected Products : macos
    • Published: Feb. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-8934

    hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.... Read more

    Affected Products : leap qemu
    • Published: Mar. 21, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2025-25618

    Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the change of Section Name and Room Number by Teachers.... Read more

    Affected Products : unifiedtransform
    • Published: Mar. 17, 2025
    • Modified: Jun. 24, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2025-25040

    A vulnerability has been identified in the port ACL functionality of AOS-CX software running on the HPE Aruba Networking CX 9300 Switch Series only and affects: - AOS-CX 10.14.xxxx : All patches - AOS-CX 10.15.xxxx : 10.15.1000 and below The ... Read more

    Affected Products :
    • Published: Mar. 18, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2025-46718

    sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with limited sudo privileges (e.g. execution of a single command) can list sudo privileges of other users using the `-U` flag. This vulnerability allows ... Read more

    Affected Products : sudo
    • Published: May. 12, 2025
    • Modified: Jul. 09, 2025
    • Vuln Type: Authorization

  • 3.3

    LOW
    CVE-2024-53407

    In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject dylib file potentially leading to remote control and unauthorized access to sensitive user data.... Read more

    Affected Products : phiewer
    • Published: Jan. 15, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2025-6656

    PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    Affected Products : pdf-xchange_editor pdf-tools
    • Published: Jun. 25, 2025
    • Modified: Jul. 01, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-6653

    PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    Affected Products : pdf-xchange_editor pdf-tools
    • Published: Jun. 25, 2025
    • Modified: Jul. 01, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-6648

    PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    Affected Products : pdf-xchange_editor pdf-tools
    • Published: Jun. 25, 2025
    • Modified: Jul. 01, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-6652

    PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    Affected Products : pdf-xchange_editor pdf-tools
    • Published: Jun. 25, 2025
    • Modified: Jul. 01, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2023-34406

    An issue was discovered on Mercedes Benz NTG 6. A possible integer overflow exists in the user data import/export function of NTG (New Telematics Generation) 6 head units. To perform this attack, local access to USB interface of the car is needed. With pr... Read more

    • Published: Feb. 13, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Denial of Service

  • 3.3

    LOW
    CVE-2024-30356

    Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vul... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 08, 2025

  • 3.3

    LOW
    CVE-2019-15744

    The Sony Xperia Xperia XZs Android device with a build fingerprint of Sony/keyaki_softbank/keyaki_softbank:7.1.1/TONE3-3.0.0-SOFTBANK-170517-0323/1:user/dev-keys contains a pre-installed app with a package name of jp.softbank.mb.tdrl app (versionCode=1413... Read more

    Affected Products : xperia_xzs_firmware xperia_xzs
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-42095

    Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vul... Read more

    Affected Products : pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2010-2053

    emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on the emsnpic temporary file.... Read more

    Affected Products : emesene
    • Published: Jun. 07, 2010
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2020-16121

    PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own.... Read more

    Affected Products : ubuntu_linux packagekit
    • Published: Nov. 07, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15338

    The Lava Iris 88 Lite Android device with a build fingerprint of LAVA/iris88_lite/iris88_lite:8.1.0/O11019/1536323070:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.2... Read more

    Affected Products : iris_88_firmware iris_88
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-42830

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jan. 10, 2024
    • Modified: Jun. 16, 2025

  • 3.3

    LOW
    CVE-2019-15336

    The Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61_Turbo/Z61_Turbo:8.1.0/O11019/1536917928:user/release-keys contains a pre-installed app with a package name of com.android.lava.powersave app (versionCode=400, versionName=v4.0.31) that... Read more

    Affected Products : z61_firmware z61
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 293186 Results