Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-27555

    Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user.... Read more

    • Published: Nov. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-5590

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers... Read more

    • Published: Oct. 30, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5509

    The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote attackers to bypass authentication, and obtain VPN access or administrative access, via a crafted X.509 client certificate, ... Read more

    • Published: Oct. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5511

    The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before ... Read more

    • Published: Oct. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5446

    The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors.... Read more

    • Published: Oct. 22, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5403

    Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.0 through 2.5.0.1 allows remote attackers to obtain administrative access via unknown vectors.... Read more

    • Published: Sep. 27, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5370

    Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP2 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-4042.... Read more

    • Published: Oct. 01, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-5260

    Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adob... Read more

    • Published: Oct. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5303

    Unspecified vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."... Read more

    Affected Products : typo3 locator
    • Published: Aug. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5122

    Cisco Linksys Routers EA2700, EA3500, E4200, EA4500: A bug can cause an unsafe TCP port to open which leads to unauthenticated access... Read more

    • Published: Jan. 07, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-5031

    Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vulnerability than CVE-2013-5032, CVE-2013-5033, and CVE-2013-5034.... Read more

    Affected Products : atmail
    • Published: Jan. 12, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5022

    Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary fil... Read more

    • Published: Aug. 06, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-5019

    Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote attackers to execute arbitrary code via a long resource name in an HTTP request.... Read more

    Affected Products : ultra_mini_httpd
    • Published: Jul. 31, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-5570

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.... Read more

    • Published: Sep. 22, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-1383

    Buffer overflow in Adobe Shockwave Player before 12.0.2.122 allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • Published: Apr. 10, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4838

    Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.... Read more

    Affected Products : loadrunner
    • Published: Nov. 04, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4813

    The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a HEAD request, aka ZDI-CAN-1745.... Read more

    • Published: Sep. 16, 2013
    • Modified: Apr. 22, 2025

  • 10.0

    HIGH
    CVE-2013-4804

    Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors.... Read more

    • Published: Oct. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4783

    The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbit... Read more

    Affected Products : idrac6_bmc
    • Published: Jul. 08, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4732

    The administrative web server on the Digital Alert Systems DASDEC EAS device through 2.0-2 and the Monroe Electronics R189 One-Net EAS device through 2.0-2 uses predictable session ID values, which makes it easier for remote attackers to hijack sessions b... Read more

    Affected Products : dasdec_eas r189_one-net_eas
    • Published: Jun. 30, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 293510 Results