Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2025-9329

    Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vuln... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: Sep. 02, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-21481

    Memory corruption while performing private key encryption in trusted application.... Read more

    • Published: Sep. 24, 2025
    • Modified: Sep. 25, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-49720

    In multiple functions of Permissions.java, there is a possible way to override the state of the user's location permissions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. ... Read more

    Affected Products : android
    • Published: Sep. 02, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-7983

    Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required ... Read more

    Affected Products : graphite
    • Published: Sep. 17, 2025
    • Modified: Sep. 22, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-22438

    In afterKeyEventLockedInterruptable of InputDispatcher.cpp, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Sep. 02, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-58178

    SonarQube Server and Cloud is a static analysis solution for continuous code quality and security inspection. In versions 4 to 5.3.0, a command injection vulnerability was discovered in the SonarQube Scan GitHub Action that allows untrusted input argument... Read more

    Affected Products :
    • Published: Sep. 02, 2025
    • Modified: Sep. 02, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-22434

    In handleKeyGestureEvent of PhoneWindowManager.java, there is a possible lock screen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f... Read more

    Affected Products : android
    • Published: Sep. 02, 2025
    • Modified: Sep. 04, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-26452

    In loadDrawableForCookie of ResourcesImpl.java, there is a possible way to access task snapshots of other apps due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-7987

    Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to expl... Read more

    Affected Products : graphite
    • Published: Sep. 17, 2025
    • Modified: Sep. 22, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-36905

    In gxp_mapping_create of gxp_mapping.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploita... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-7988

    Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to expl... Read more

    Affected Products : graphite
    • Published: Sep. 17, 2025
    • Modified: Sep. 22, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-54896

    Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more

    • Published: Sep. 09, 2025
    • Modified: Sep. 12, 2025

  • 7.8

    HIGH
    CVE-2025-36898

    There is a possible escalation of privilege due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-36903

    In lwis_io_buffer_write, there is a possible OOB read/write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-7992

    Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit th... Read more

    Affected Products : cobalt
    • Published: Sep. 17, 2025
    • Modified: Sep. 22, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-36887

    In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 05, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-26454

    In validateUriSchemeAndPermission of DisclaimersParserImpl.java , there is a possible way to access data from another user due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User inte... Read more

    Affected Products : android
    • Published: Sep. 04, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-43729

    Dell ThinOS 10, versions prior to 2508_10.0127, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Elevation of Privileges and Unauthoriz... Read more

    Affected Products :
    • Published: Aug. 27, 2025
    • Modified: Aug. 29, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-7990

    Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit ... Read more

    Affected Products : cobalt
    • Published: Sep. 17, 2025
    • Modified: Sep. 22, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-9328

    Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vuln... Read more

    Affected Products : macos windows pdf_editor pdf_reader
    • Published: Sep. 02, 2025
    • Modified: Sep. 08, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 4403 Results