Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-43578

    Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as... Read more

    • Published: Jun. 10, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2025-43577

    Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact... Read more

    • Published: Jun. 10, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-43576

    Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact... Read more

    • Published: Jun. 10, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-43575

    Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in... Read more

    • Published: Jun. 10, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-43574

    Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact... Read more

    • Published: Jun. 10, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-43573

    Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact... Read more

    • Published: Jun. 10, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-43550

    Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact... Read more

    • Published: Jun. 10, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-30327

    InCopy versions 20.2, 19.5.3 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victi... Read more

    Affected Products : macos windows incopy
    • Published: Jun. 10, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2025-5971

    A vulnerability was found in code-projects School Fees Payment System 1.0. It has been classified as critical. This affects an unknown part of the file /ajx.php. The manipulation of the argument name_startsWith leads to sql injection. It is possible to in... Read more

    Affected Products : school_fees_payment_system
    • Published: Jun. 10, 2025
    • Modified: Jun. 16, 2025
    • Vuln Type: Injection

  • 8.8

    HIGH
    CVE-2025-5943

    MicroDicom DICOM Viewer suffers from an out-of-bounds write vulnerability. Remote attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of DICOM Viewer. User interaction is required to exploit the vulne... Read more

    Affected Products : dicom_viewer
    • Published: Jun. 10, 2025
    • Modified: Jun. 12, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-43588

    Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mus... Read more

    Affected Products : substance_3d_sampler
    • Published: Jun. 10, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-43581

    Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mus... Read more

    Affected Products : substance_3d_sampler
    • Published: Jun. 10, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Memory Corruption

  • 6.1

    MEDIUM
    CVE-2025-36580

    Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerabilit... Read more

    Affected Products : wyse_management_suite
    • Published: Jun. 10, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.8

    MEDIUM
    CVE-2025-36578

    Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.... Read more

    Affected Products : wyse_management_suite
    • Published: Jun. 10, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Authorization

  • 6.1

    MEDIUM
    CVE-2025-36577

    Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerabilit... Read more

    Affected Products : wyse_management_suite
    • Published: Jun. 10, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Cross-Site Scripting

  • 2.7

    LOW
    CVE-2025-36576

    Dell Wyse Management Suite, versions prior to WMS 5.2, contain a Cross-Site Request Forgery (CSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery.... Read more

    Affected Products : wyse_management_suite
    • Published: Jun. 10, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.5

    HIGH
    CVE-2025-36575

    Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information dis... Read more

    Affected Products : wyse_management_suite
    • Published: Jun. 10, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Information Disclosure

  • 8.2

    HIGH
    CVE-2025-36574

    Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Absolute Path Traversal vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Unauthorized access... Read more

    Affected Products : wyse_management_suite
    • Published: Jun. 10, 2025
    • Modified: Jul. 11, 2025
    • Vuln Type: Path Traversal

  • 6.6

    MEDIUM
    CVE-2025-2884

    TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standar... Read more

    Affected Products :
    • Published: Jun. 10, 2025
    • Modified: Jun. 13, 2025
    • Vuln Type: Cryptography

  • 9.8

    CRITICAL
    CVE-2025-2474

    Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec.... Read more

    Affected Products : qnx_software_development_platform
    • Published: Jun. 10, 2025
    • Modified: Jun. 12, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 291513 Results