Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.4

    HIGH
    CVE-2024-40669

    In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Jan. 28, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Race Condition

  • 8.4

    HIGH
    CVE-2024-40670

    In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.... Read more

    Affected Products : android
    • Published: Jan. 28, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Race Condition

  • 5.5

    MEDIUM
    CVE-2022-31651

    In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a.... Read more

    Affected Products : sound_exchange sox
    • Published: May. 25, 2022
    • Modified: Jun. 27, 2025

  • 9.1

    CRITICAL
    CVE-2021-3643

    A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information.... Read more

    Affected Products : sound_exchange sox
    • Published: May. 02, 2022
    • Modified: Jun. 27, 2025

  • 5.5

    MEDIUM
    CVE-2021-33844

    A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wav.c file. An attacker with a crafted wav file, could cause an application to crash.... Read more

    Affected Products : sound_exchange sox
    • Published: Aug. 25, 2022
    • Modified: Jun. 27, 2025

  • 5.5

    MEDIUM
    CVE-2022-31650

    In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.... Read more

    Affected Products : sound_exchange sox
    • Published: May. 25, 2022
    • Modified: Jun. 27, 2025

  • 5.5

    MEDIUM
    CVE-2021-23210

    A floating point exception (divide-by-zero) issue was discovered in SoX in functon read_samples() of voc.c file. An attacker with a crafted file, could cause an application to crash.... Read more

    Affected Products : sound_exchange sox
    • Published: Aug. 25, 2022
    • Modified: Jun. 27, 2025

  • 5.5

    MEDIUM
    CVE-2021-23159

    A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash.... Read more

    Affected Products : sound_exchange sox
    • Published: Aug. 25, 2022
    • Modified: Jun. 27, 2025

  • 5.5

    MEDIUM
    CVE-2021-23172

    A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function startread() in hcom.c file. The vulnerability is exploitable with a crafted hcomn file, that could cause an application to crash.... Read more

    Affected Products : sound_exchange sox
    • Published: Aug. 25, 2022
    • Modified: Jun. 27, 2025

  • 7.8

    HIGH
    CVE-2023-34318

    A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.... Read more

    • Published: Jul. 10, 2023
    • Modified: Jun. 27, 2025

  • 6.2

    MEDIUM
    CVE-2023-32627

    A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.... Read more

    • Published: Jul. 10, 2023
    • Modified: Jun. 27, 2025

  • 6.2

    MEDIUM
    CVE-2023-26590

    A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.... Read more

    • Published: Jul. 10, 2023
    • Modified: Jun. 27, 2025

  • 9.8

    CRITICAL
    CVE-2024-44546

    Powerjob >= 3.20 is vulnerable to SQL injection via the version parameter.... Read more

    Affected Products : powerjob
    • Published: Nov. 11, 2024
    • Modified: Jun. 27, 2025

  • 4.3

    MEDIUM
    CVE-2024-10971

    Improper access control in the Password History feature in Devolutions DVLS 2024.3.6 and earlier allows a malicious authenticated user to obtain sensitive data via faulty permission.... Read more

    Affected Products : devolutions_server
    • Published: Nov. 12, 2024
    • Modified: Jun. 27, 2025

  • 6.5

    MEDIUM
    CVE-2021-27704

    Appspace 6.2.4 is affected by Incorrect Access Control via the Appspace Web Portal password reset page.... Read more

    Affected Products : appspace
    • Published: Nov. 12, 2024
    • Modified: Jun. 27, 2025

  • 7.5

    HIGH
    CVE-2024-37400

    An out of bounds read in Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to trigger an infinite loop, causing a denial of service.... Read more

    Affected Products : connect_secure
    • Published: Nov. 13, 2024
    • Modified: Jun. 27, 2025

  • 4.4

    MEDIUM
    CVE-2024-38654

    Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service.... Read more

    Affected Products : secure_access_client
    • Published: Nov. 13, 2024
    • Modified: Jun. 27, 2025

  • 9.1

    CRITICAL
    CVE-2024-38655

    Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.1 and 9.1R18.9 allows a remote authenticated attacker with admin privileges to achieve remote code execution.... Read more

    Affected Products : connect_secure policy_secure
    • Published: Nov. 13, 2024
    • Modified: Jun. 27, 2025

  • 9.1

    CRITICAL
    CVE-2024-38656

    Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution.... Read more

    Affected Products : connect_secure policy_secure
    • Published: Nov. 13, 2024
    • Modified: Jun. 27, 2025

  • 9.8

    CRITICAL
    CVE-2025-6611

    A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/createBrand.php. The manipulation of the argument brandStatus leads to sql inject... Read more

    Affected Products : inventory_management_system
    • Published: Jun. 25, 2025
    • Modified: Jun. 27, 2025
    • Vuln Type: Injection
Showing 20 of 294120 Results