Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2013-5829

    Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors re... Read more

    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5787

    Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a diffe... Read more

    Affected Products : jdk jre jre jdk
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5755

    config/.htpasswd in Yealink IP Phone SIP-T38G has a hardcoded password of (1) user (s7C9Cx.rLsWFA) for the user account, (2) admin (uoCbM.VEiKQto) for the admin account, and (3) var (jhl3iZAe./qXM) for the var account, which makes it easier for remote att... Read more

    Affected Products : sip-t38g
    • Published: Jul. 16, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-5715

    Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors.... Read more

    Affected Products : gom_player
    • Published: Sep. 09, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2021-28799

    An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to ... Read more

    • Actively Exploited
    • Published: May. 13, 2021
    • Modified: Mar. 12, 2025

  • 10.0

    HIGH
    CVE-2013-5667

    The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.... Read more

    • Published: Jan. 24, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-5960

    Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary... Read more

    Affected Products : portable_sdk_for_upnp
    • Published: Jan. 31, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5618

    Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remot... Read more

    • Published: Dec. 11, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5600

    Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey bef... Read more

    • Published: Oct. 30, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5597

    Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allo... Read more

    • Published: Oct. 30, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-27555

    Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user.... Read more

    • Published: Nov. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-5590

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers... Read more

    • Published: Oct. 30, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5509

    The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote attackers to bypass authentication, and obtain VPN access or administrative access, via a crafted X.509 client certificate, ... Read more

    • Published: Oct. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5511

    The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before ... Read more

    • Published: Oct. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5446

    The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors.... Read more

    • Published: Oct. 22, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5403

    Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.0 through 2.5.0.1 allows remote attackers to obtain administrative access via unknown vectors.... Read more

    • Published: Sep. 27, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5370

    Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP2 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-4042.... Read more

    • Published: Oct. 01, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-5260

    Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adob... Read more

    • Published: Oct. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5303

    Unspecified vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."... Read more

    Affected Products : typo3 locator
    • Published: Aug. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5122

    Cisco Linksys Routers EA2700, EA3500, E4200, EA4500: A bug can cause an unsafe TCP port to open which leads to unauthenticated access... Read more

    • Published: Jan. 07, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 293284 Results