Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2021-44189

    Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. E... Read more

    Affected Products : macos windows after_effects
    • Published: Sep. 07, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-44190

    Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASL... Read more

    Affected Products : macos windows after_effects
    • Published: Sep. 07, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-44195

    Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASL... Read more

    Affected Products : macos windows after_effects
    • Published: Sep. 07, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-47671

    In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function directly returns without calling netif_rx(skb). This ... Read more

    Affected Products : linux_kernel
    • Published: Apr. 17, 2025
    • Modified: Apr. 21, 2025
    • Vuln Type: Memory Corruption

  • 3.3

    LOW
    CVE-2021-46934

    In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be able to trigger warnings, so this patch adds validati... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2021-3349

    GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API. NOTE: third parties dispute the significance of this issue... Read more

    Affected Products : evolution
    • Published: Feb. 01, 2021
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2019-15790

    Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_info() in data/apport. An unprivileged user could exploit... Read more

    Affected Products : ubuntu_linux apport apport
    • Published: Apr. 28, 2020
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2017-13801

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Dictionary Widget" component. It allows attackers to read local files if pasted text is used in a search.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 3.3

    LOW
    CVE-2024-25196

    Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_controller process. This vulnerability is triggerd via sending a crafted .yaml file.... Read more

    • Published: Feb. 20, 2024
    • Modified: Apr. 02, 2025

  • 3.3

    LOW
    CVE-2013-4116

    lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.... Read more

    Affected Products : npm node_packaged_modules
    • Published: Apr. 22, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2013-4209

    Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums.... Read more

    Affected Products : automatic_bug_reporting_tool
    • Published: May. 01, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2009-5081

    The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it... Read more

    Affected Products : groff
    • Published: Jun. 30, 2011
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2013-3659

    The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for Android does not properly connect to Wi-Fi access points, which allows remote attackers to obtain sensitive information by leveraging presence in an 802.11 network's coverage area.... Read more

    Affected Products : overseas_usage
    • Published: Aug. 09, 2013
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2025-1398

    Mattermost Desktop App versions <=5.10.0 explicitly declared unnecessary macOS entitlements which allows an attacker with remote access to bypass Transparency, Consent, and Control (TCC) via code injection.... Read more

    Affected Products : mattermost_server mattermost
    • Published: Mar. 17, 2025
    • Modified: Mar. 31, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2023-1513

    A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.... Read more

    Affected Products : linux_kernel enterprise_linux fedora
    • Published: Mar. 23, 2023
    • Modified: Feb. 25, 2025

  • 3.3

    LOW
    CVE-2024-56467

    IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.... Read more

    Affected Products : linux_kernel windows entirex
    • Published: Feb. 06, 2025
    • Modified: Jul. 07, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2024-56493

    IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.... Read more

    Affected Products : linux_kernel windows entirex
    • Published: Feb. 27, 2025
    • Modified: Jul. 07, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2024-55503

    An issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a crafted script to the DYLD_INSERT_LIBRARIES component.... Read more

    Affected Products : macos termius
    • Published: Jan. 15, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Misconfiguration

  • 3.3

    LOW
    CVE-2022-40708

    An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain th... Read more

    • Published: Sep. 28, 2022
    • Modified: May. 20, 2025

  • 3.3

    LOW
    CVE-2024-56810

    IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.... Read more

    Affected Products : linux_kernel windows entirex
    • Published: Feb. 27, 2025
    • Modified: Jul. 07, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 293644 Results