Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-30329

    Animate versions 24.0.8, 23.0.11 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption of service. E... Read more

    Affected Products : macos windows animate
    • Published: May. 13, 2025
    • Modified: May. 15, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2025-30328

    Animate versions 24.0.8, 23.0.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must ... Read more

    Affected Products : macos windows animate
    • Published: May. 13, 2025
    • Modified: May. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-30326

    Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in... Read more

    Affected Products : photoshop
    • Published: May. 13, 2025
    • Modified: May. 15, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-30325

    Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in ... Read more

    Affected Products : macos windows photoshop
    • Published: May. 13, 2025
    • Modified: May. 22, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-30324

    Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interac... Read more

    Affected Products : macos windows photoshop
    • Published: May. 13, 2025
    • Modified: May. 22, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-30322

    Substance3D - Painter versions 11.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mu... Read more

    Affected Products : substance_3d_painter
    • Published: May. 13, 2025
    • Modified: May. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-27197

    Lightroom Desktop versions 8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op... Read more

    Affected Products : lightroom
    • Published: May. 13, 2025
    • Modified: May. 22, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2023-31359

    Incorrect default permissions in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.... Read more

    Affected Products : aim-t_manageability_api
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2023-31358

    A DLL hijacking vulnerability in the AMD Manageability API could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.... Read more

    Affected Products : aim-t_manageability_api
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2025-4658

    Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also appl... Read more

    Affected Products : opkssh openpubkey
    • Published: May. 13, 2025
    • Modified: May. 22, 2025
    • Vuln Type: Authentication

  • 6.1

    MEDIUM
    CVE-2025-47280

    Umbraco Forms is a form builder that integrates with the Umbraco content management system. Starting in the 7.x branch and prior to versions 13.4.2 and 15.1.2, the 'Send email' workflow does not HTML encode the user-provided field values in the sent email... Read more

    Affected Products : umbraco_forms
    • Published: May. 13, 2025
    • Modified: May. 22, 2025
    • Vuln Type: Misconfiguration

  • 9.8

    CRITICAL
    CVE-2025-3757

    Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification.... Read more

    Affected Products : openpubkey
    • Published: May. 13, 2025
    • Modified: May. 23, 2025
    • Vuln Type: Authentication

  • 7.8

    HIGH
    CVE-2025-32709

    Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.... Read more

    • Actively Exploited
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-32707

    Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.... Read more

    • Published: May. 13, 2025
    • Modified: May. 19, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-32706

    Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.... Read more

    • Actively Exploited
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-32705

    Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.... Read more

    • Published: May. 13, 2025
    • Modified: May. 19, 2025
    • Vuln Type: Memory Corruption

  • 8.4

    HIGH
    CVE-2025-32704

    Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.... Read more

    • Published: May. 13, 2025
    • Modified: May. 19, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-32703

    Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.... Read more

    • Published: May. 13, 2025
    • Modified: May. 19, 2025
    • Vuln Type: Authorization

  • 7.8

    HIGH
    CVE-2025-32702

    Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.... Read more

    • Published: May. 13, 2025
    • Modified: May. 19, 2025
    • Vuln Type: Injection

  • 7.8

    HIGH
    CVE-2025-32701

    Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.... Read more

    • Actively Exploited
    • Published: May. 13, 2025
    • Modified: May. 16, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 293620 Results