Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-54520

    A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to overwrite arbitrary files.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Mar. 24, 2025
    • Vuln Type: Path Traversal

  • 5.5

    MEDIUM
    CVE-2024-54519

    The issue was resolved by sanitizing logging. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to read sensitive location information.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Mar. 19, 2025
    • Vuln Type: Information Disclosure

  • 5.3

    MEDIUM
    CVE-2024-54518

    The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Jan. 27, 2025
    • Modified: Mar. 14, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2024-54517

    The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Jan. 27, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Memory Corruption

  • 3.3

    LOW
    CVE-2024-54516

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to approve a launch daemon without user consent.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Jan. 31, 2025
    • Vuln Type: Authorization

  • 9.1

    CRITICAL
    CVE-2024-54512

    The issue was addressed by removing the relevant flags. This issue is fixed in watchOS 11.2, iOS 18.2 and iPadOS 18.2. A system binary could be used to fingerprint a user's Apple Account.... Read more

    Affected Products : iphone_os watchos ipados
    • Published: Jan. 27, 2025
    • Modified: Feb. 04, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2024-54509

    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Feb. 04, 2025
    • Vuln Type: Memory Corruption

  • 9.1

    CRITICAL
    CVE-2024-54507

    A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. An attacker with user privileges may be able to read kernel memory.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jan. 27, 2025
    • Modified: Mar. 14, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2024-54499

    A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing a maliciously crafted image may lead to arbitrary code execution.... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Jan. 27, 2025
    • Modified: Mar. 14, 2025
    • Vuln Type: Memory Corruption

  • 6.5

    MEDIUM
    CVE-2024-54497

    The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. Processing web content may lead to a denial... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Jan. 27, 2025
    • Modified: Feb. 04, 2025
    • Vuln Type: Denial of Service

  • 5.3

    MEDIUM
    CVE-2024-54488

    A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Photos in the Hidden Photos Album may be viewed without authentication.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Jan. 27, 2025
    • Modified: Feb. 05, 2025
    • Vuln Type: Authentication

  • 6.5

    MEDIUM
    CVE-2024-54478

    An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iPadOS 17.7.4, visionOS 2.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, macOS Sonoma 14.7.2, macOS Sequoia 15.2. Processing maliciously crafted web c... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Jan. 27, 2025
    • Modified: Mar. 18, 2025
    • Vuln Type: Memory Corruption

  • 3.3

    LOW
    CVE-2024-54475

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Ventura 13.7.2. An app may be able to determine a user’s current location.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Mar. 13, 2025
    • Vuln Type: Information Disclosure

  • 8.2

    HIGH
    CVE-2024-54468

    The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.2, tvOS 18.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sonoma 14.7.2, macOS Sequoia 15.2. An app may be able to break out of its sandbox.... Read more

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Jan. 27, 2025
    • Modified: Mar. 14, 2025

  • 3.3

    LOW
    CVE-2024-44172

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3, macOS Sequoia 15. An app may be able to access contacts.... Read more

    Affected Products : macos
    • Published: Jan. 27, 2025
    • Modified: Feb. 05, 2025
    • Vuln Type: Information Disclosure

  • 6.5

    MEDIUM
    CVE-2024-37526

    IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism.... Read more

    • Published: Jan. 27, 2025
    • Modified: Aug. 18, 2025

  • 7.5

    HIGH
    CVE-2025-0753

    A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack can be... Read more

    Affected Products : bento4
    • Published: Jan. 27, 2025
    • Modified: Feb. 28, 2025

  • 7.5

    HIGH
    CVE-2025-0751

    A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack ... Read more

    Affected Products : bento4
    • Published: Jan. 27, 2025
    • Modified: Feb. 28, 2025
    • Vuln Type: Memory Corruption

  • 10.0

    CRITICAL
    CVE-2024-48841

    Network access can be used to execute arbitrary code with elevated privileges. This issue affects FLXEON 9.3.4 and older.... Read more

    Affected Products :
    • Published: Jan. 27, 2025
    • Modified: Feb. 14, 2025
    • Vuln Type: Authentication

  • 7.2

    HIGH
    CVE-2025-0734

    A vulnerability has been found in y_project RuoYi up to 4.8.0 and classified as critical. This vulnerability affects the function getBeanName of the component Whitelist. The manipulation leads to deserialization. The attack can be initiated remotely. The ... Read more

    Affected Products : ruoyi
    • Published: Jan. 27, 2025
    • Modified: May. 13, 2025
    • Vuln Type: Misconfiguration
Showing 20 of 291219 Results