Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.9

    CRITICAL
    CVE-2024-41799

    tgstation-server is a production scale tool for BYOND server management. Prior to 6.8.0, low permission users using the "Set .dme Path" privilege could potentially set malicious .dme files existing on the host machine to be compiled and executed. These .d... Read more

    Affected Products : tgstation-server
    • Published: Jul. 29, 2024
    • Modified: Aug. 19, 2025

  • 8.1

    HIGH
    CVE-2024-45419

    Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access.... Read more

    • Published: Nov. 19, 2024
    • Modified: Aug. 19, 2025

  • 7.5

    HIGH
    CVE-2025-50169

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB allows an unauthorized attacker to execute code over a network.... Read more

    Affected Products : windows_11_24h2 windows_server_2025
    • Published: Aug. 12, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Race Condition

  • 7.8

    HIGH
    CVE-2025-50168

    Access of resource using incompatible type ('type confusion') in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Aug. 12, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2025-9136

    A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgradin... Read more

    Affected Products : retroarch
    • Published: Aug. 19, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2025-9134

    A security vulnerability has been detected in AfterShip Package Tracker App up to 5.24.1 on Android. The affected element is an unknown function of the file AndroidManifest.xml of the component com.aftership.AfterShip. The manipulation leads to improper e... Read more

    Affected Products :
    • Published: Aug. 19, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2025-7675

    A maliciously crafted 3DM file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the cont... Read more

    • Published: Jul. 29, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-7497

    A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the cont... Read more

    • Published: Jul. 29, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-6637

    A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the cont... Read more

    • Published: Jul. 29, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-6636

    A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of t... Read more

    • Published: Jul. 29, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-6635

    A maliciously crafted PRT file, when linked or imported into certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in th... Read more

    • Published: Jul. 29, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-6634

    A maliciously crafted TGA file, when linked or imported into Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.... Read more

    Affected Products : 3ds_max
    • Published: Aug. 06, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-6633

    A maliciously crafted RBG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of th... Read more

    Affected Products : 3ds_max
    • Published: Aug. 06, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-6632

    A maliciously crafted PSD file, when linked or imported into Autodesk 3ds Max, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context... Read more

    Affected Products : 3ds_max
    • Published: Aug. 06, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-6631

    A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the cont... Read more

    • Published: Jul. 29, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-5335

    A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the Autodesk Installer application. Exploitation of this vulnerability may lead to code execu... Read more

    Affected Products : installer
    • Published: Jun. 10, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Misconfiguration

  • 7.8

    HIGH
    CVE-2025-5043

    A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in th... Read more

    • Published: Jul. 29, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-5042

    A maliciously crafted RFA file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the cur... Read more

    Affected Products : revit
    • Published: Jul. 22, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-5040

    A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the cur... Read more

    Affected Products : revit
    • Published: Jul. 10, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-5039

    A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.... Read more

    • Published: Jul. 24, 2025
    • Modified: Aug. 19, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 292824 Results