Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2022-33726

    Unprotected dynamic receiver in Samsung Galaxy Friends prior to SMR Aug-2022 Release 1 allows attacker to launch activity.... Read more

    Affected Products : android dex
    • Published: Aug. 05, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2024-9762

    Tungsten Automation Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interact... Read more

    Affected Products : power_pdf
    • Published: Nov. 22, 2024
    • Modified: Dec. 05, 2024

  • 3.3

    LOW
    CVE-2024-9026

    In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using PHP-FPM SAPI and it is configured to catch workers output through catch_workers_output = yes, it may be possible to pollute the final log or remove up to 4 character... Read more

    Affected Products : php php-fpm
    • Published: Oct. 08, 2024
    • Modified: Aug. 19, 2025

  • 3.3

    LOW
    CVE-2024-9753

    Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interacti... Read more

    Affected Products : power_pdf
    • Published: Nov. 22, 2024
    • Modified: Nov. 26, 2024

  • 3.3

    LOW
    CVE-2024-9759

    Tungsten Automation Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interacti... Read more

    Affected Products : power_pdf
    • Published: Nov. 22, 2024
    • Modified: Nov. 26, 2024

  • 3.3

    LOW
    CVE-2025-24141

    An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Photos while the app is locked.... Read more

    Affected Products : iphone_os ipados
    • Published: Jan. 27, 2025
    • Modified: Feb. 04, 2025
    • Vuln Type: Authentication

  • 3.3

    LOW
    CVE-2025-24100

    A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access information about a user's contacts.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Feb. 05, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2024-9757

    Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interacti... Read more

    Affected Products : power_pdf
    • Published: Nov. 22, 2024
    • Modified: Nov. 26, 2024

  • 3.3

    LOW
    CVE-2025-1398

    Mattermost Desktop App versions <=5.10.0 explicitly declared unnecessary macOS entitlements which allows an attacker with remote access to bypass Transparency, Consent, and Control (TCC) via code injection.... Read more

    Affected Products : mattermost_server mattermost
    • Published: Mar. 17, 2025
    • Modified: Mar. 31, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2024-9754

    Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interacti... Read more

    Affected Products : power_pdf
    • Published: Nov. 22, 2024
    • Modified: Nov. 26, 2024

  • 3.3

    LOW
    CVE-2025-21860

    In the Linux kernel, the following vulnerability has been resolved: mm/zswap: fix inconsistency when zswap_store_page() fails Commit b7c0ccdfbafd ("mm: zswap: support large folios in zswap_store()") skips charging any zswap entries when it failed to zsw... Read more

    Affected Products : linux_kernel
    • Published: Mar. 12, 2025
    • Modified: Apr. 16, 2025

  • 3.3

    LOW
    CVE-2022-40708

    An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain th... Read more

    • Published: Sep. 28, 2022
    • Modified: May. 20, 2025

  • 3.3

    LOW
    CVE-2022-48852

    In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind On bind we will register the HDMI codec device but we don't unregister it on unbind, leading to a device leakage. Unregister our device ... Read more

    Affected Products : linux_kernel
    • Published: Jul. 16, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-35902

    An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an OBJ file containing crafted data can force an out-of-bounds read. Ex... Read more

    Affected Products : microstation view
    • Published: Jul. 15, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-40707

    An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain th... Read more

    • Published: Sep. 28, 2022
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2022-42336

    Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was intro... Read more

    Affected Products : xen
    • Published: May. 17, 2023
    • Modified: Jan. 22, 2025

  • 3.3

    LOW
    CVE-2022-38022

    Windows Kernel Elevation of Privilege Vulnerability... Read more

    • Published: Oct. 11, 2022
    • Modified: Jan. 02, 2025

  • 3.3

    LOW
    CVE-2024-54475

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to determine a user’s current location.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2022-47111

    7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected.... Read more

    Affected Products : 7-zip
    • Published: Apr. 19, 2025
    • Modified: Aug. 18, 2025

  • 3.3

    LOW
    CVE-2022-42834

    An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compressi... Read more

    Affected Products : macos
    • Published: Jun. 23, 2023
    • Modified: Dec. 10, 2024
Showing 20 of 293644 Results