Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.8

HIGH

CVE-2025-10886

A maliciously crafted MODEL file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process....

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-9452

A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process....

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-9459

A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the cont...

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-10898

AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the c...

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-36936

In GetTachyonCommand of tachyon_server_common.h, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploi...

Affected Products : android
Published: Dec. 11, 2025

Modified: Dec. 15, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-48583

In multiple functions of BaseBundle.java, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...

Affected Products : android
Published: Dec. 08, 2025

Modified: Dec. 10, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-47321

Memory corruption while copying packets received from unix clients....

Affected Products :
Published: Dec. 18, 2025

Modified: Dec. 18, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-9457

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process....

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-64680

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 windows_11_23h2 +5 more products
Published: Dec. 09, 2025

Modified: Dec. 12, 2025
7.8

HIGH

CVE-2025-67488

SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. ...

Affected Products : siyuan
Published: Dec. 09, 2025

Modified: Dec. 12, 2025

Vuln Type: Path Traversal
7.8

HIGH

CVE-2025-62462

Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025 +1 more products
Published: Dec. 09, 2025

Modified: Dec. 10, 2025
7.8

HIGH

CVE-2025-10889

A maliciously crafted CATPART file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process....

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-56124

OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua....

Affected Products : rg-ew1200_firmware rg-ew1200 rg-x60_pro_firmware rg-x60_pro
Published: Dec. 11, 2025

Modified: Dec. 18, 2025

Vuln Type: Injection
7.8

HIGH

CVE-2025-10887

A maliciously crafted MODEL file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process....

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-36930

In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation....

Affected Products : android
Published: Dec. 11, 2025

Modified: Dec. 12, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-66533

Improper Control of Generation of Code ('Code Injection') vulnerability in StellarWP GiveWP give allows Code Injection.This issue affects GiveWP: from n/a through <= 4.13.1....

Affected Products : givewp
Published: Dec. 09, 2025

Modified: Dec. 09, 2025

Vuln Type: Injection
7.8

HIGH

CVE-2024-46060

Anaconda3 macOS installers before 2024.06-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and executed with root privileges. This allows a local l...

Affected Products :
Published: Dec. 17, 2025

Modified: Dec. 18, 2025

Vuln Type: Misconfiguration
7.8

HIGH

CVE-2025-48629

In findAvailRecognizer of VoiceInteractionManagerService.java, there is a possible way to become the default speech recognizer app due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges n...

Affected Products : android
Published: Dec. 08, 2025

Modified: Dec. 08, 2025

Vuln Type: Misconfiguration
7.8

HIGH

CVE-2025-9454

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context...

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-66499

A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to exe...

Affected Products : macos windows pdf_editor pdf_reader
Published: Dec. 19, 2025

Modified: Dec. 23, 2025

Vuln Type: Memory Corruption

Showing 20 of 5226 Results

Browse by Apps

Latest CVE Feed

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable