Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 3.3

    LOW
    CVE-2023-40439

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jan. 10, 2024
    • Modified: Jun. 11, 2025

  • 3.3

    LOW
    CVE-2023-40434

    A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access a user's Photos Library.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2018-6559

    The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace.... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Oct. 26, 2018
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2012-5238

    epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and applica... Read more

    Affected Products : wireshark
    • Published: Oct. 04, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2012-4285

    The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and applicatio... Read more

    • Published: Aug. 16, 2012
    • Modified: Apr. 11, 2025

  • 3.3

    LOW
    CVE-2023-3044

    An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather... Read more

    Affected Products : xpdf
    • Published: Jun. 02, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2023-41065

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to read sensitive location information.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Sep. 27, 2023
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2014-6463

    Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.... Read more

    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 3.3

    LOW
    CVE-2025-43344

    An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to cause unexpected system termination.... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 3.3

    LOW
    CVE-2007-4129

    CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory.... Read more

    Affected Products : enterprise_linux coolkey
    • Published: Nov. 08, 2007
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2024-30350

    Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this v... Read more

    Affected Products : windows pdf_editor pdf_reader
    • Published: Apr. 02, 2024
    • Modified: Aug. 08, 2025

  • 3.3

    LOW
    CVE-2023-42093

    Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulne... Read more

    Affected Products : pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2007-3921

    gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on temporary files.... Read more

    Affected Products : gforge
    • Published: Nov. 08, 2007
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2024-44222

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to read sensitive location information.... Read more

    Affected Products : macos
    • Published: Oct. 28, 2024
    • Modified: Oct. 30, 2024

  • 3.3

    LOW
    CVE-2023-51550

    Foxit PDF Reader combobox Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vul... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: May. 03, 2024
    • Modified: Aug. 13, 2025

  • 3.3

    LOW
    CVE-2007-4590

    The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact an... Read more

    Affected Products : hp-ux dynrootdisk ignite-ux
    • Published: Aug. 29, 2007
    • Modified: Apr. 09, 2025

  • 3.3

    LOW
    CVE-2024-40791

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access information ab... Read more

    Affected Products : macos iphone_os ipados
    • Published: Sep. 17, 2024
    • Modified: Mar. 19, 2025

  • 3.3

    LOW
    CVE-2024-44290

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1. An app may be able to determine a user’s current location.... Read more

    Affected Products : iphone_os watchos ipados
    • Published: Dec. 12, 2024
    • Modified: Dec. 16, 2024

  • 3.3

    LOW
    CVE-2019-19126

    On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping address... Read more

    Affected Products : ubuntu_linux fedora debian_linux glibc
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 3.3

    LOW
    CVE-2011-1144

    The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories. NOTE: this vulnera... Read more

    Affected Products : pear
    • Published: Mar. 03, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 294359 Results