Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2025-20613

    Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for some Intel(R) TDX may allow an authenticated user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Aug. 12, 2025
    • Modified: Aug. 13, 2025
    • Vuln Type: Cryptography

  • 3.3

    LOW
    CVE-2018-13053

    The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.... Read more

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • Published: Jul. 02, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2013-5397

    Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1 allo... Read more

    Affected Products : rational_focal_point
    • Published: Dec. 18, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2015-5910

    IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted, which allows remote attackers to obtain sensitive information by sniffing the network.... Read more

    Affected Products : xcode
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2024-29508

    Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc.... Read more

    Affected Products : ghostscript
    • Published: Jul. 03, 2024
    • Modified: Mar. 17, 2025

  • 3.3

    LOW
    CVE-2024-43841

    In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: avoid reporting connection success with wrong SSID When user issues a connection with a different SSID than the one virt_wifi has advertised, the __cfg80211_connect_res... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Oct. 29, 2024

  • 3.3

    LOW
    CVE-2013-1444

    A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222.... Read more

    Affected Products : txt2man txt2man
    • Published: Sep. 30, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-4260

    lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/.... Read more

    Affected Products : ansible
    • Published: Sep. 16, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-4472

    The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.... Read more

    Affected Products : poppler
    • Published: Apr. 22, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2024-8013

    A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. Should this occur, no documents would be returne... Read more

    Affected Products : mongo_crypt_v1.so mongocryptd
    • Published: Oct. 28, 2024
    • Modified: Oct. 31, 2024

  • 3.3

    LOW
    CVE-2015-0858

    Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a pathname in a /tmp/tardiff-$$ temporary directory.... Read more

    Affected Products : debian_linux tardiff
    • Published: May. 06, 2016
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2018-18386

    drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Oct. 17, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-1676

    mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations.... Read more

    Affected Products : util-linux util-linux
    • Published: Apr. 10, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-47072

    Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations... Read more

    Affected Products : macos windows after_effects
    • Published: Nov. 17, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-1418

    An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'.... Read more

    • Published: Nov. 12, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-37376

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Editor 11.1.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Mar. 29, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-34874

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ma... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Jul. 18, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-46270

    MacPaw The Unarchiver before 4.3.6 contains vulnerability related to missing quarantine attributes for extracted items.... Read more

    Affected Products :
    • Published: Apr. 29, 2024
    • Modified: Mar. 28, 2025

  • 3.3

    LOW
    CVE-2023-46837

    Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes (such as the ones during scrubbing) have reached memory before handing over the page to a gues... Read more

    Affected Products : xen
    • Published: Jan. 05, 2024
    • Modified: Jun. 16, 2025

  • 3.3

    LOW
    CVE-2019-2873

    Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to ... Read more

    Affected Products : leap vm_virtualbox
    • Published: Jul. 23, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 293669 Results