Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    CVSS31
    CVE-2025-5307

    Santesoft Sante DICOM Viewer Pro contains a memory corruption vulnerability. A local attacker could exploit this issue to potentially disclose information and to execute arbitrary code on affected installations of Sante DICOM Viewer Pro.... Read more

    Affected Products : dicom_viewer_pro
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 4.6

    CVSS31
    CVE-2025-31264

    An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.... Read more

    Affected Products : macos
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 9.1

    CVSS31
    CVE-2025-31263

    The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to corrupt coprocessor memory.... Read more

    Affected Products : macos
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 5.5

    CVSS31
    CVE-2025-31261

    A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 5.5

    CVSS31
    CVE-2025-31231

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to read sensitive location information.... Read more

    Affected Products : macos
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 5.5

    CVSS31
    CVE-2025-31199

    A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS Sequoia 15.4. An app may be able to access sensitive user data.... Read more

    Affected Products : macos iphone_os ipados visionos
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 5.5

    CVSS31
    CVE-2025-31198

    This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A path handling issue was addressed with improved validation.... Read more

    Affected Products : macos
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 8.2

    CVSS31
    CVE-2025-31189

    A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to break out of its sandbox.... Read more

    Affected Products : macos
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 9.8

    CVSS31
    CVE-2025-30466

    This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS Sequoia 15.4. A website may be able to bypass Same Origin Policy.... Read more

    Affected Products : macos iphone_os safari ipados visionos
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 5.4

    CVSS31
    CVE-2025-5328

    A vulnerability was found in chshcms mccms 2.7. It has been declared as critical. This vulnerability affects the function restore_del of the file /sys/apps/controllers/admin/Backups.php. The manipulation of the argument dirs leads to path traversal. The a... Read more

    Affected Products : mccms
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 6.3

    CVSS31
    CVE-2025-5327

    A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects the function index of the file sys/apps/controllers/api/Gf.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to i... Read more

    Affected Products : mccms
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 6.3

    CVSS31
    CVE-2025-5326

    A vulnerability was found in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the file /adpweb/wechat/verifyToken/. The manipulation leads to deseria... Read more

    Affected Products :
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 6.3

    CVSS31
    CVE-2025-5325

    A vulnerability has been found in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /adpweb/a/ica/api/service/rfa/testService. The mani... Read more

    Affected Products :
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 9.1

    CVSS31
    CVE-2025-4967

    Esri Portal for ArcGIS 11.4 and prior allows a remote, unauthenticated attacker to bypass the Portal’s SSRF protections.... Read more

    Affected Products : portal_for_arcgis
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 9.0

    CVSS31
    CVE-2025-47933

    Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.13.8, 2.14.13, and 3.0.4, an attacker can perform arbitrary actions on behalf of the victim via the API. Due to the improper filtering of URL protocols in the re... Read more

    Affected Products : argo-cd
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 3.5

    CVSS31
    CVE-2025-47288

    Discourse Policy plugin gives the ability to confirm users have seen or done something. Prior to version 0.1.1, if there was a policy posted to a public topic that was tied to a private group then the group members could be shown to non-group members. Thi... Read more

    Affected Products :
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 5.3

    CVSS31
    CVE-2025-3050

    IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service when using Q replication due to the improper allocation of CPU resources.... Read more

    Affected Products : db2
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 5.3

    CVSS31
    CVE-2025-2518

    IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query.... Read more

    Affected Products : db2
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 7.5

    CVSS31
    CVE-2024-54952

    MikroTik RouterOS 6.40.5, the SMB service contains a memory corruption vulnerability. Remote, unauthenticated attackers can exploit this issue by sending specially crafted packets, triggering a null pointer dereference. This leads to a Remote Denial of Se... Read more

    Affected Products :
    • Published: May. 29, 2025
    • Modified: May. 30, 2025

  • 6.5

    CVSS31
    CVE-2024-49350

    IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query... Read more

    Affected Products : db2
    • Published: May. 29, 2025
    • Modified: May. 30, 2025
Showing 20 of 192 Results
© cvefeed.io
Latest DB Update: May. 31, 2025 3:41