Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 5.6

    MEDIUM
    CVE-2025-27535

    Exposed ioctl with insufficient access control in the firmware for some Intel(R) Ethernet Connection E825-C. before version NVM ver. 3.84 within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Denial of Service
  • 5.6

    MEDIUM
    CVE-2025-27940

    Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Information Disclosure
  • 5.6

    MEDIUM
    CVE-2026-2738

    Buffer overflow in ovpn‑dco‑win version 2.8.0 allows local attackers to cause a system crash by sending too large packets to the remote peer when the AEAD tag appears at the end of the encrypted packet... Read more

    Affected Products :
    • Published: Feb. 19, 2026
    • Modified: Feb. 19, 2026
    • Vuln Type: Memory Corruption
  • 5.6

    MEDIUM
    CVE-2025-27708

    Out-of-bounds read in the firmware for some Intel(R) Converged Security and Management Engine (CSME) Firmware (FW) within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity a... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Information Disclosure
  • 5.6

    MEDIUM
    CVE-2025-22885

    Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially o... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Memory Corruption
  • 5.6

    MEDIUM
    CVE-2025-32467

    Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Information Disclosure
  • 5.6

    MEDIUM
    CVE-2025-32007

    Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may pot... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Information Disclosure
  • 5.6

    MEDIUM
    CVE-2025-27572

    Exposure of sensitive information during transient execution for some TDX within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This resu... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Information Disclosure
  • 5.6

    MEDIUM
    CVE-2025-31944

    Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. This result may potentially ... Read more

    Affected Products :
    • Published: Feb. 10, 2026
    • Modified: Feb. 10, 2026
    • Vuln Type: Race Condition
  • 5.5

    MEDIUM
    CVE-2020-37140

    Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and pa... Read more

    Affected Products :
    • Published: Feb. 05, 2026
    • Modified: Feb. 05, 2026
    • Vuln Type: Denial of Service
  • 5.5

    MEDIUM
    CVE-2026-20666

    An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Feb. 11, 2026
    • Modified: Feb. 12, 2026
    • Vuln Type: Authorization
  • 5.5

    MEDIUM
    CVE-2026-21317

    Audition versions 25.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue require... Read more

    Affected Products : audition
    • Published: Feb. 10, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Memory Corruption
  • 5.5

    MEDIUM
    CVE-2026-21316

    Audition versions 25.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become un... Read more

    Affected Products : audition
    • Published: Feb. 10, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Memory Corruption
  • 5.5

    MEDIUM
    CVE-2026-21332

    InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of th... Read more

    Affected Products : macos windows indesign
    • Published: Feb. 10, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Memory Corruption
  • 5.5

    MEDIUM
    CVE-2026-21315

    Audition versions 25.3 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires ... Read more

    Affected Products : audition
    • Published: Feb. 10, 2026
    • Modified: Feb. 11, 2026
    • Vuln Type: Memory Corruption
  • 5.5

    MEDIUM
    CVE-2026-2327

    Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the use of the regex /\*+$/ in the linkify function. An attacker can supply a long sequence of * characters followed by... Read more

    Affected Products : markdown-it
    • Published: Feb. 12, 2026
    • Modified: Feb. 12, 2026
    • Vuln Type: Denial of Service
  • 5.5

    MEDIUM
    CVE-2025-14876

    A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service (DoS) on the host system by... Read more

    Affected Products : qemu
    • Published: Feb. 18, 2026
    • Modified: Feb. 19, 2026
    • Vuln Type: Denial of Service
  • 5.5

    MEDIUM
    CVE-2026-20618

    An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Feb. 11, 2026
    • Modified: Feb. 18, 2026
    • Vuln Type: Information Disclosure
  • 5.5

    MEDIUM
    CVE-2026-22795

    Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file. Impact summary: An application processing a malformed PKCS#12 file can be caused to dereference an invalid or NULL pointer on memory r... Read more

    Affected Products : openssl
    • Published: Jan. 27, 2026
    • Modified: Feb. 02, 2026
    • Vuln Type: Denial of Service
  • 5.5

    MEDIUM
    CVE-2026-20647

    This issue was addressed with improved data protection. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.... Read more

    Affected Products : macos
    • Published: Feb. 11, 2026
    • Modified: Feb. 13, 2026
    • Vuln Type: Information Disclosure
Showing 20 of 4944 Results