Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.8

HIGH

CVE-2025-62562

Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally....

Affected Products : office word sharepoint_server 365_apps office_long_term_servicing_channel office_macos_2024 office_macos_2021 sharepoint_server_2016 word_2016 sharepoint_server_2019 +3 more products
Published: Dec. 09, 2025

Modified: Dec. 09, 2025
7.8

HIGH

CVE-2025-62454

Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2019 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_23h2 windows_server_2022_23h2 windows_server_23h2 windows_11_24h2 windows_server_2025 +1 more products
Published: Dec. 09, 2025

Modified: Dec. 12, 2025
7.8

HIGH

CVE-2025-62552

Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute code locally....

Affected Products : office access 365_apps office_long_term_servicing_channel access_2016 office_2024 office_2021 office_2019
Published: Dec. 09, 2025

Modified: Dec. 09, 2025
7.8

HIGH

CVE-2025-64899

Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory stru...

Affected Products : acrobat_dc acrobat_reader_dc macos acrobat acrobat_reader windows
Published: Dec. 09, 2025

Modified: Dec. 12, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-36918

In aoc_service_read_message of aoc_ipc_core.c, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitati...

Affected Products : android
Published: Dec. 11, 2025

Modified: Dec. 12, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-36919

In aocc_read of aoc_channel_dev.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation....

Affected Products : android
Published: Dec. 11, 2025

Modified: Dec. 12, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-66496

A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory acces...

Affected Products : windows pdf_editor pdf_reader
Published: Dec. 19, 2025

Modified: Dec. 23, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-67488

SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. ...

Affected Products : siyuan
Published: Dec. 09, 2025

Modified: Dec. 12, 2025

Vuln Type: Path Traversal
7.8

HIGH

CVE-2025-55312

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume...

Affected Products : macos windows pdf_editor pdf_reader
Published: Dec. 11, 2025

Modified: Dec. 18, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-62466

Null pointer dereference in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally....

Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_23h2 +8 more products
Published: Dec. 09, 2025

Modified: Dec. 12, 2025
7.8

HIGH

CVE-2025-36931

In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation....

Affected Products : android
Published: Dec. 11, 2025

Modified: Dec. 12, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-10884

AA maliciously crafted CATPART file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the...

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-10887

A maliciously crafted MODEL file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process....

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-14593

A maliciously crafted CATPART file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the con...

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-10900

AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the c...

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-10888

AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the c...

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-10889

A maliciously crafted CATPART file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process....

Affected Products : 3ds_max autocad advance_steel autocad_architecture autocad_electrical autocad_map_3d autocad_mechanical autocad_mep autocad_plant_3d revit +6 more products
Published: Dec. 16, 2025

Modified: Dec. 19, 2025

Vuln Type: Memory Corruption
7.8

HIGH

CVE-2025-48629

In findAvailRecognizer of VoiceInteractionManagerService.java, there is a possible way to become the default speech recognizer app due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges n...

Affected Products : android
Published: Dec. 08, 2025

Modified: Dec. 08, 2025

Vuln Type: Misconfiguration
7.8

HIGH

CVE-2024-46062

Miniconda3 macOS installers before 23.11.0-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and executed with root privileges. This flaw allows a l...

Affected Products :
Published: Dec. 17, 2025

Modified: Dec. 18, 2025

Vuln Type: Misconfiguration
7.8

HIGH

CVE-2025-36930

In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation....

Affected Products : android
Published: Dec. 11, 2025

Modified: Dec. 12, 2025

Vuln Type: Memory Corruption

Showing 20 of 5207 Results

Browse by Apps

Latest CVE Feed

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

7.8

CVEFeed.io UI Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable