Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-43461

    This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 15, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2025-43381

    This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26.1. A malicious app may be able to delete protected user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 15, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2025-43351

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 15, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-58304

    Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Nov. 28, 2025
    • Modified: Dec. 02, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-43509

    This issue was addressed with improved data protection. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-46289

    A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 18, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-66330

    App lock verification bypass vulnerability in the file management app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Dec. 08, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-36889

    In onCreateTasks of CameraActivity.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Dec. 11, 2025
    • Modified: Dec. 12, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-36921

    In ProtocolPsUnthrottleApn() of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exp... Read more

    Affected Products : android
    • Published: Dec. 11, 2025
    • Modified: Dec. 12, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-14696

    A vulnerability was identified in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this vulnerability is an unknown functionality of the file /api/GylOperator/UpdatePasswordBatch. The manipulation leads to wea... Read more

    Affected Products :
    • Published: Dec. 15, 2025
    • Modified: Dec. 15, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2025-14197

    A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is an unknown function of the file /rest/f/api/resources/f96956469e7be39d of the component Web Administration Module. Such manipulation leads to information dis... Read more

    Affected Products : verysync
    • Published: Dec. 07, 2025
    • Modified: Dec. 08, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-14567

    A weakness has been identified in haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0. This affects an unknown function of the file /api/employees. Executing manipulation can lead to missing authentication. It is possible to l... Read more

    Affected Products :
    • Published: Dec. 12, 2025
    • Modified: Dec. 15, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2025-36929

    In AreFencesRegistered of gxp_fence_manager.cc, there is a possible information leak due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for explo... Read more

    Affected Products : android
    • Published: Dec. 11, 2025
    • Modified: Dec. 12, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-14965

    A vulnerability was found in 1541492390c yougou-mall up to 0a771fa817c924efe52c8fe0a9a6658eee675f9f. This impacts the function Upload of the file src/main/java/per/ccm/ygmall/extra/controller/ResourceController.java. Performing manipulation results in pat... Read more

    Affected Products :
    • Published: Dec. 19, 2025
    • Modified: Dec. 19, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2025-64896

    Creative Cloud Desktop versions 6.4.0.361 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to disr... Read more

    • Published: Dec. 09, 2025
    • Modified: Dec. 12, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2025-64524

    cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. In versions 2.0.1 and prior, a heap-buffer-overflow vulnerability in the rastertopclx filter causes the pr... Read more

    Affected Products : cups-filters cups-filters
    • Published: Nov. 20, 2025
    • Modified: Dec. 15, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-14703

    A vulnerability has been found in Shiguangwu sgwbox N3 2.0.25. The affected element is an unknown function of the file /fsnotify of the component POST Message Handler. The manipulation of the argument token leads to improper authentication. It is possible... Read more

    Affected Products :
    • Published: Dec. 15, 2025
    • Modified: Dec. 15, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2025-14520

    A weakness has been identified in baowzh hfly up to 638ff9abe9078bc977c132b37acbe1900b63491c. Impacted is an unknown function of the file /admin/index.php/datafile/delfile. This manipulation of the argument filename causes path traversal. The attack is po... Read more

    Affected Products :
    • Published: Dec. 11, 2025
    • Modified: Dec. 12, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2025-43473

    This issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 17, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-43388

    An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Dec. 12, 2025
    • Modified: Dec. 15, 2025
    • Vuln Type: Injection
Showing 20 of 4540 Results