Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2013-4838

    Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1850.... Read more

    Affected Products : loadrunner
    • EPSS Score: %27.67
    • Published: Nov. 04, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4810

    HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet, ... Read more

    • Actively Exploited
    • EPSS Score: %85.88
    • Published: Sep. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4785

    The web interface on the Dell iDRAC6 with firmware before 1.95 allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified form that is accessible from testurls.html. NOTE: the ve... Read more

    Affected Products : idrac6_firmware idrac6_firmware
    • EPSS Score: %2.01
    • Published: Jul. 08, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4782

    The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password.... Read more

    Affected Products : bmc
    • EPSS Score: %58.32
    • Published: Jul. 08, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4735

    The Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 have a default password for an administrative account, which makes it easier for remote attackers to obtain access via an IP network.... Read more

    Affected Products : dasdec_eas r189_one-net_eas
    • EPSS Score: %1.35
    • Published: Jun. 30, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4437

    Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."... Read more

    Affected Products : salt
    • EPSS Score: %0.68
    • Published: Nov. 05, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-4290

    Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote attackers to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3) lib/openjp3d/event.c.... Read more

    Affected Products : openjpeg
    • EPSS Score: %1.71
    • Published: Apr. 18, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2013-4267

    Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archive_name parameter to the Power FS module (plugins/action.powerfs/class.PowerFSController.php), a (2) file name to the getTrustSizeOnFil... Read more

    Affected Products : pydio
    • EPSS Score: %7.06
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-4265

    The av_reallocp_array function in libavutil/mem.c in FFmpeg before 2.0.1 has an unspecified impact and remote vectors related to a "wrong return code" and a resultant NULL pointer dereference.... Read more

    Affected Products : ffmpeg
    • EPSS Score: %0.40
    • Published: Nov. 23, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-3359

    Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3360.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %11.43
    • Published: Sep. 12, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-3354

    Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • EPSS Score: %26.10
    • Published: Sep. 12, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-3350

    Adobe ColdFusion 10 before Update 11 allows remote attackers to call ColdFusion Components (CFC) public methods via WebSockets.... Read more

    Affected Products : coldfusion
    • EPSS Score: %1.61
    • Published: Jul. 10, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-3195

    The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT do... Read more

    • EPSS Score: %59.62
    • Published: Oct. 09, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2343

    Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1510.... Read more

    • EPSS Score: %75.60
    • Published: Jul. 02, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2340

    Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary cod... Read more

    • EPSS Score: %27.05
    • Published: Jul. 06, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2335

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1733.... Read more

    Affected Products : storage_data_protector
    • EPSS Score: %53.18
    • Published: Jun. 06, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2330

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1638.... Read more

    Affected Products : storage_data_protector
    • EPSS Score: %53.18
    • Published: Jun. 06, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2328

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1636.... Read more

    Affected Products : storage_data_protector
    • EPSS Score: %53.18
    • Published: Jun. 06, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2324

    Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1629.... Read more

    Affected Products : storage_data_protector
    • EPSS Score: %64.73
    • Published: Jun. 06, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-2278

    Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to log messages and the "internal l... Read more

    Affected Products : warftpd
    • EPSS Score: %8.92
    • Published: Apr. 01, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 291780 Results