Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

8.1

HIGH

CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)...

Affected Products : linux_kernel chrome macos windows edge_chromium
Published: Dec. 02, 2025

Modified: Dec. 08, 2025

Vuln Type: Memory Corruption
7.1

HIGH

CVE-2025-66327

Race condition vulnerability in the network module. Impact: Successful exploitation of this vulnerability may affect service confidentiality....

Affected Products : harmonyos
Published: Dec. 08, 2025

Modified: Dec. 08, 2025

Vuln Type: Race Condition
8.4

HIGH

CVE-2025-66328

Multi-thread race condition vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect availability....

Affected Products : harmonyos
Published: Dec. 08, 2025

Modified: Dec. 08, 2025

Vuln Type: Race Condition
5.5

MEDIUM

CVE-2025-66330

App lock verification bypass vulnerability in the file management app. Impact: Successful exploitation of this vulnerability may affect service confidentiality....

Affected Products : harmonyos
Published: Dec. 08, 2025

Modified: Dec. 08, 2025

Vuln Type: Authorization
5.5

MEDIUM

CVE-2025-66331

Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability....

Affected Products : harmonyos
Published: Dec. 08, 2025

Modified: Dec. 08, 2025

Vuln Type: Denial of Service
5.5

MEDIUM

CVE-2025-66332

Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability....

Affected Products : harmonyos
Published: Dec. 08, 2025

Modified: Dec. 08, 2025

Vuln Type: Denial of Service
5.5

MEDIUM

CVE-2025-66333

Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability....

Affected Products : harmonyos
Published: Dec. 08, 2025

Modified: Dec. 08, 2025

Vuln Type: Denial of Service
7.8

HIGH

CVE-2025-48597

In multiple locations, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed ...

Affected Products : android
Published: Dec. 08, 2025

Modified: Dec. 08, 2025

Vuln Type: Authorization
6.6

MEDIUM

CVE-2025-48598

In multiple locations, there is a possible way to alter the primary user's face unlock settings due to a confused deputy. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...

Affected Products : android
Published: Dec. 08, 2025

Modified: Dec. 08, 2025

Vuln Type: Authorization
6.8

MEDIUM

CVE-2025-59698

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader....

Affected Products : nshield_5c_firmware nshield_5c nshield_hsmi_firmware nshield_hsmi nshield_connect_xc_base_firmware nshield_connect_xc_base nshield_connect_xc_mid_firmware nshield_connect_xc_mid nshield_connect_xc_high_firmware nshield_connect_xc_high
Published: Dec. 02, 2025

Modified: Dec. 08, 2025

Vuln Type: Authentication
5.5

MEDIUM

CVE-2025-48601

In multiple locations, there is a possible permanent denial of service due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation....

Affected Products : android
Published: Dec. 08, 2025

Modified: Dec. 08, 2025

Vuln Type: Denial of Service
6.8

MEDIUM

CVE-2025-59699

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in ...

Affected Products : nshield_5c_firmware nshield_5c nshield_hsmi_firmware nshield_hsmi nshield_connect_xc_base_firmware nshield_connect_xc_base nshield_connect_xc_mid_firmware nshield_connect_xc_mid nshield_connect_xc_high_firmware nshield_connect_xc_high
Published: Dec. 02, 2025

Modified: Dec. 08, 2025

Vuln Type: Authentication
3.9

LOW

CVE-2025-59700

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (because of a lack of integrity protection)....

Affected Products : nshield_5c_firmware nshield_5c nshield_hsmi_firmware nshield_hsmi nshield_connect_xc_base_firmware nshield_connect_xc_base nshield_connect_xc_mid_firmware nshield_connect_xc_mid nshield_connect_xc_high_firmware nshield_connect_xc_high
Published: Dec. 02, 2025

Modified: Dec. 08, 2025

Vuln Type: Misconfiguration
7.8

HIGH

CVE-2025-48612

In multiple locations, there is a possible way for an application on a work profile to set the main user's default NFC payment setting due to improper input validation. This could lead to local escalation of privilege with no additional execution privileg...

Affected Products : android
Published: Dec. 08, 2025

Modified: Dec. 08, 2025

Vuln Type: Authorization
4.1

MEDIUM

CVE-2025-59701

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privileges) to read and modify the Appliance SSD contents (because they are unencrypted)....

Affected Products : nshield_5c_firmware nshield_5c nshield_hsmi_firmware nshield_hsmi nshield_connect_xc_base_firmware nshield_connect_xc_base nshield_connect_xc_mid_firmware nshield_connect_xc_mid nshield_connect_xc_high_firmware nshield_connect_xc_high
Published: Dec. 02, 2025

Modified: Dec. 08, 2025

Vuln Type: Misconfiguration
7.2

HIGH

CVE-2025-59702

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components....

Affected Products : nshield_5c_firmware nshield_5c nshield_hsmi_firmware nshield_hsmi nshield_connect_xc_base_firmware nshield_connect_xc_base nshield_connect_xc_mid_firmware nshield_connect_xc_mid nshield_connect_xc_high_firmware nshield_connect_xc_high
Published: Dec. 02, 2025

Modified: Dec. 08, 2025

Vuln Type: Misconfiguration
6.8

MEDIUM

CVE-2025-59705

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to Escalate Privileges by enabling the USB interface through chassis probe insertion during system boot, aka "Unauthorized Reactivatio...

Affected Products : nshield_5c_firmware nshield_5c nshield_hsmi_firmware nshield_hsmi nshield_connect_xc_base_firmware nshield_connect_xc_base nshield_connect_xc_mid_firmware nshield_connect_xc_mid nshield_connect_xc_high_firmware nshield_connect_xc_high
Published: Dec. 02, 2025

Modified: Dec. 08, 2025

Vuln Type: Misconfiguration
9.1

CRITICAL

CVE-2025-59703

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a Physically Proximate Attacker to access the internal components of the appliance, without leaving tamper evidence. To exploit this, the attacker needs to remove the...

Affected Products : nshield_5c_firmware nshield_5c nshield_hsmi_firmware nshield_hsmi nshield_connect_xc_base_firmware nshield_connect_xc_base nshield_connect_xc_mid_firmware nshield_connect_xc_mid nshield_connect_xc_high_firmware nshield_connect_xc_high
Published: Dec. 02, 2025

Modified: Dec. 08, 2025

Vuln Type: Authentication
4.6

MEDIUM

CVE-2025-59704

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password....

Affected Products : nshield_5c_firmware nshield_5c nshield_hsmi_firmware nshield_hsmi nshield_connect_xc_base_firmware nshield_connect_xc_base nshield_connect_xc_mid_firmware nshield_connect_xc_mid nshield_connect_xc_high_firmware nshield_connect_xc_high
Published: Dec. 02, 2025

Modified: Dec. 08, 2025

Vuln Type: Misconfiguration
9.8

CRITICAL

CVE-2025-66208

Collabora Online - Built-in CODE Server (richdocumentscode) provides a built-in server with all of the document editing features of Collabora Online. In versions prior to 25.04.702, Collabora Online has a Configuration-Dependent RCE (OS Command Injection)...

Affected Products : online
Published: Dec. 03, 2025

Modified: Dec. 08, 2025

Vuln Type: Injection

Showing 20 of 3914 Results

Browse by Apps

Latest CVE Feed

8.1

7.1

8.4

5.5

5.5

5.5

5.5

7.8

6.6

6.8

5.5

6.8

3.9

7.8

4.1

7.2

6.8

9.1

4.6

9.8

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable