Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.8

HIGH

CVE-2025-12205

A vulnerability was detected in Kamailio 5.5. The affected element is the function sr_push_yy_state of the file src/core/cfg.lex of the component Configuration File Handler. The manipulation results in use after free. The attack must be initiated from a l...

Affected Products : kamailio
Published: Oct. 27, 2025

Modified: Nov. 03, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-59187

Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +8 more products
Published: Oct. 14, 2025

Modified: Oct. 14, 2025
7.8

HIGH

CVE-2025-12204

A security vulnerability has been detected in Kamailio 5.5. Impacted is the function rve_destroy of the file src/core/rvalue.c of the component Configuration File Handler. The manipulation leads to heap-based buffer overflow. The attack must be carried ou...

Affected Products : kamailio
Published: Oct. 27, 2025

Modified: Nov. 03, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-10921

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in tha...

Affected Products : gimp
Published: Oct. 29, 2025

Modified: Nov. 03, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-58722

Heap-based buffer overflow in Windows DWM allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_23h2 +3 more products
Published: Oct. 14, 2025

Modified: Oct. 14, 2025
7.8

HIGH

CVE-2025-59277

Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products
Published: Oct. 14, 2025

Modified: Oct. 27, 2025
7.8

HIGH

CVE-2025-59281

Improper link resolution before file access ('link following') in XBox Gaming Services allows an authorized attacker to elevate privileges locally....

Affected Products : xbox_gaming_services
Published: Oct. 14, 2025

Modified: Oct. 17, 2025
7.8

HIGH

CVE-2025-10934

GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in tha...

Affected Products : gimp
Published: Oct. 29, 2025

Modified: Oct. 30, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-59290

Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally....

Affected Products : windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025
Published: Oct. 14, 2025

Modified: Oct. 22, 2025
7.8

HIGH

CVE-2025-27048

Memory corruption while processing camera platform driver IOCTL calls....

Affected Products :
Published: Oct. 09, 2025

Modified: Oct. 09, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-11463

Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this...

Affected Products : cobalt
Published: Oct. 29, 2025

Modified: Oct. 30, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-27053

Memory corruption during PlayReady APP usecase while processing TA commands....

Affected Products :
Published: Oct. 09, 2025

Modified: Oct. 09, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-47354

Memory corruption while allocating buffers in DSP service....

Affected Products :
Published: Oct. 09, 2025

Modified: Oct. 09, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-59192

Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +6 more products
Published: Oct. 14, 2025

Modified: Oct. 17, 2025
7.8

HIGH

CVE-2025-58724

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally....

Affected Products : azure_connected_machine_agent arc_enabled_servers_azure_connected_machine_agent
Published: Oct. 14, 2025

Modified: Oct. 20, 2025
7.8

HIGH

CVE-2025-24990

Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October c...

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +11 more products
Actively Exploited

Published: Oct. 14, 2025

Modified: Oct. 27, 2025
7.8

HIGH

CVE-2025-43941

Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execu...

Affected Products : unity_operating_environment
Published: Oct. 30, 2025

Modified: Nov. 03, 2025

Vuln Type: Injection
7.8

HIGH

CVE-2025-47351

Memory corruption while processing user buffers....

Affected Products :
Published: Oct. 09, 2025

Modified: Oct. 09, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-47341

memory corruption while processing an image encoding completion event....

Affected Products :
Published: Oct. 09, 2025

Modified: Oct. 09, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-47355

Memory corruption while invoking remote procedure IOCTL calls....

Affected Products :
Published: Oct. 09, 2025

Modified: Oct. 09, 2025

Vuln Type: Memory Corruption

Showing 20 of 3707 Results

Browse by Apps

Latest CVE Feed

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable