Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2025-43370

    A path handling issue was addressed with improved validation. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process.... Read more

    Affected Products : xcode
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Path Traversal

  • 8.2

    HIGH
    CVE-2025-43371

    This issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to break out of its sandbox.... Read more

    Affected Products : xcode
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025

  • 0.0

    NA
    CVE-2025-10594

    A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/delete_student.php. Executing manipulation of the argument stud_id can lead to sql injection. ... Read more

    Affected Products :
    • Published: Sep. 17, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 9.8

    CRITICAL
    CVE-2025-34069

    An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default proxy configuration and weak access control in the GFIAgent service. The non-transparent proxy on TCP port 3128 can be used to forward unauthenticated request... Read more

    Affected Products : kerio_control
    • Published: Jul. 02, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Authentication

  • 8.2

    HIGH
    CVE-2025-43330

    This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to break out of its sandbox.... Read more

    Affected Products : macos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Authorization

  • 9.8

    CRITICAL
    CVE-2025-43359

    A logic issue was addressed with improved state management. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A UDP server socket bound to a loca... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Misconfiguration

  • 8.8

    HIGH
    CVE-2025-43358

    A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, iOS 18.7 and iPadOS 18.7, macOS Tahoe 26, iOS 26 and iPadOS 26. A shortcut may be able to bypass sandbox restrictions.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-43367

    A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data.... Read more

    Affected Products : macos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Information Disclosure

  • 10.0

    CRITICAL
    CVE-2025-34070

    A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5 allows unauthenticated remote attackers to perform privileged operations. The GFIAgent service, responsible for integration with GFI AppManager, exposes HTTP servi... Read more

    Affected Products : kerio_control
    • Published: Jul. 02, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2025-43353

    The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. Processing a maliciously crafted string may lead to heap corruption.... Read more

    Affected Products : macos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 2.8

    LOW
    CVE-2025-43349

    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing a malicio... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-50709

    An issue in Perplexity AI GPT-4 allows a remote attacker to obtain sensitive information via a GET parameter... Read more

    Affected Products :
    • Published: Sep. 17, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Information Disclosure

  • 3.3

    LOW
    CVE-2025-43357

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to fingerprint the user.... Read more

    Affected Products : macos iphone_os ipados
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-43355

    A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to cause... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Memory Corruption

  • 7.8

    HIGH
    CVE-2025-43341

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to gain root privileges.... Read more

    Affected Products : macos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Authorization

  • 6.5

    MEDIUM
    CVE-2025-43332

    A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to break out of its sandbox.... Read more

    Affected Products : macos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2025-43315

    This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access user-sensitive data.... Read more

    Affected Products : macos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Information Disclosure

  • 7.8

    HIGH
    CVE-2025-43316

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26, visionOS 26. A malicious app may be able to gain root privileges.... Read more

    Affected Products : macos visionos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-43317

    A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to access sensitive user data.... Read more

    Affected Products : macos iphone_os tvos watchos ipados visionos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Authorization

  • 6.2

    MEDIUM
    CVE-2025-43318

    This issue was addressed with additional entitlement checks. This issue is fixed in macOS Tahoe 26. An app with root privileges may be able to access private information.... Read more

    Affected Products : macos
    • Published: Sep. 15, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Authorization
Showing 20 of 294357 Results