Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2025-47973

    Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.... Read more

    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025

  • 8.0

    HIGH
    CVE-2025-47972

    Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network.... Read more

    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Race Condition

  • 7.8

    HIGH
    CVE-2025-47971

    Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.... Read more

    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Memory Corruption

  • 8.0

    HIGH
    CVE-2025-47178

    Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to execute code over an adjacent network.... Read more

    • Published: Jul. 08, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-47159

    Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.... Read more

    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-47109

    After Effects versions 25.2, 24.6.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to service... Read more

    Affected Products : macos windows after_effects
    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-43587

    After Effects versions 25.2, 24.6.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this i... Read more

    Affected Products : macos windows after_effects
    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-43580

    Audition versions 25.2, 24.6.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could result in application denial-of-service. An attacker could leverage this vulnerability to crash the application or disrupt... Read more

    Affected Products : macos windows audition
    • Published: Jul. 08, 2025
    • Modified: Jul. 15, 2025
    • Vuln Type: Memory Corruption

  • 8.1

    HIGH
    CVE-2025-33054

    Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network.... Read more

    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-26636

    Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.... Read more

    Affected Products : windows_11_24h2 windows_server_2025
    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Information Disclosure

  • 6.0

    MEDIUM
    CVE-2025-21195

    Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally.... Read more

    Affected Products : azure_service_fabric service_fabric
    • Published: Jul. 08, 2025
    • Modified: Jul. 22, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-21168

    Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this ... Read more

    Affected Products : substance_3d_designer
    • Published: Jul. 08, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-21167

    Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this ... Read more

    Affected Products : substance_3d_designer
    • Published: Jul. 08, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2025-21166

    Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim m... Read more

    Affected Products : substance_3d_designer
    • Published: Jul. 08, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-21165

    Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim m... Read more

    Affected Products : substance_3d_designer
    • Published: Jul. 08, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-21164

    Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim m... Read more

    Affected Products : substance_3d_designer
    • Published: Jul. 08, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Memory Corruption

  • 5.6

    MEDIUM
    CVE-2024-36357

    A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Information Disclosure

  • 5.6

    MEDIUM
    CVE-2024-36350

    A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Information Disclosure

  • 3.8

    LOW
    CVE-2024-36349

    A transient execution vulnerability in some AMD processors may allow a user process to infer TSC_AUX even when such a read is disabled, potentially resulting in information leakage.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Information Disclosure

  • 3.8

    LOW
    CVE-2024-36348

    A transient execution vulnerability in some AMD processors may allow a user process to infer the control registers speculatively even if UMIP feature is enabled, potentially resulting in information leakage.... Read more

    Affected Products :
    • Published: Jul. 08, 2025
    • Modified: Jul. 10, 2025
    • Vuln Type: Information Disclosure
Showing 20 of 291312 Results