Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2025-49526

    Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu... Read more

    Affected Products : macos windows illustrator
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-49525

    Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.... Read more

    Affected Products : macos windows illustrator
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-49524

    Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in servi... Read more

    Affected Products : macos windows illustrator
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2025-47136

    InDesign Desktop versions 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in ... Read more

    Affected Products : macos windows indesign
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-47134

    InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim... Read more

    Affected Products : macos windows indesign
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-47103

    InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim... Read more

    Affected Products : macos windows indesign
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-43594

    InDesign Desktop versions 19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ... Read more

    Affected Products : macos windows indesign
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-43592

    InDesign Desktop versions 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a ... Read more

    Affected Products : macos windows indesign
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-43591

    InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim... Read more

    Affected Products : macos windows indesign
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-30313

    Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.... Read more

    Affected Products : macos windows illustrator
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Information Disclosure

  • 9.6

    CRITICAL
    CVE-2025-27203

    Adobe Connect versions 24.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does require user interaction and scope is changed.... Read more

    Affected Products : connect windows
    • Published: Jul. 08, 2025
    • Modified: Jul. 18, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2025-27165

    Substance3D - Stager versions 3.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.... Read more

    Affected Products : macos windows substance_3d_stager
    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Information Disclosure

  • 9.8

    CRITICAL
    CVE-2025-7196

    A vulnerability was found in code-projects Jonnys Liquor 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /browse.php. The manipulation of the argument Search leads to sql injection. The attack may be la... Read more

    Affected Products : jonnys_liquor
    • Published: Jul. 08, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Injection

  • 9.0

    HIGH
    CVE-2025-7194

    A vulnerability was found in D-Link DI-500WF 17.04.10A1T. It has been declared as critical. Affected by this vulnerability is the function sprintf of the file ip_position.asp of the component jhttpd. The manipulation of the argument ip leads to stack-base... Read more

    Affected Products : di-500wf_firmware di-500wf
    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Memory Corruption

  • 5.3

    MEDIUM
    CVE-2025-7031

    Missing Authentication for Critical Function vulnerability in Drupal Config Pages Viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Config Pages Viewer: from 0.0.0 before 1.0.4.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Authentication

  • 6.5

    MEDIUM
    CVE-2025-7030

    Privilege Defined With Unsafe Actions vulnerability in Drupal Two-factor Authentication (TFA) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.11.0.... Read more

    Affected Products : two-factor_authentication
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Authorization

  • 8.8

    HIGH
    CVE-2025-49551

    ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in privilege escalation. An attacker could leverage this vulnerability to gain unauthorized access to sensitive system... Read more

    Affected Products : coldfusion
    • Published: Jul. 08, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Authentication

  • 2.4

    LOW
    CVE-2025-49546

    ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Access Control vulnerability that could lead to a partial application denial-of-service. A high-privileged attacker could exploit this vulnerability to partially disrupt ... Read more

    Affected Products : coldfusion
    • Published: Jul. 08, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Authorization

  • 6.2

    MEDIUM
    CVE-2025-49545

    ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privilege authenticated attacker can force the application to make arbitrary ... Read more

    Affected Products : coldfusion
    • Published: Jul. 08, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Server-Side Request Forgery

  • 6.8

    MEDIUM
    CVE-2025-49544

    ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerab... Read more

    Affected Products : coldfusion
    • Published: Jul. 08, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: XML External Entity
Showing 20 of 291312 Results