Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2013-7351

    Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the (1) showRSS, (2) showATOM, or (3) showDailyRSS function; a (4) file name to the importFile functio... Read more

    Affected Products : shaarli
    • EPSS Score: %0.96
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-7333

    A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from the SDN controller, causing degradation and eventually de... Read more

    Affected Products : open_sdn_controller
    • EPSS Score: %0.45
    • Published: Oct. 23, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-7325

    An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball.... Read more

    Affected Products : debian_linux devscripts
    • EPSS Score: %0.54
    • Published: Dec. 03, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-7324

    Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existing pra... Read more

    Affected Products : webkitgtk
    • EPSS Score: %0.42
    • Published: Feb. 17, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-7287

    MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme.... Read more

    Affected Products : sentry virtual_smartphone_platform
    • EPSS Score: %0.29
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-7286

    MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm... Read more

    • EPSS Score: %0.34
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-7245

    The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859.... Read more

    • EPSS Score: %0.27
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-7203

    gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup.... Read more

    Affected Products : gitolite
    • EPSS Score: %0.08
    • Published: Sep. 21, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2013-7202

    The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system.... Read more

    Affected Products : paypal
    • EPSS Score: %1.40
    • Published: Apr. 27, 2018
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2013-7201

    WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.... Read more

    Affected Products : paypal
    • EPSS Score: %0.90
    • Published: Apr. 27, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-7185

    PotPlayer 1.5.40688: .avi File Memory Corruption... Read more

    Affected Products : potplayer
    • EPSS Score: %1.64
    • Published: Jan. 14, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-7173

    Belkin n750 routers have a buffer overflow.... Read more

    Affected Products : n750_firmware n750
    • EPSS Score: %0.45
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-7172

    Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges.... Read more

    Affected Products : slackware_linux
    • EPSS Score: %0.13
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-7171

    Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges.... Read more

    Affected Products : slackware_linux
    • EPSS Score: %4.07
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7098

    OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection.... Read more

    Affected Products : openconnect
    • EPSS Score: %0.68
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-7089

    ClamAV before 0.97.7: dbg_printhex possible information leak... Read more

    Affected Products : fedora debian_linux clamav
    • EPSS Score: %0.36
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7088

    ClamAV before 0.97.7 has buffer overflow in the libclamav component... Read more

    Affected Products : fedora debian_linux clamav
    • EPSS Score: %0.54
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7087

    ClamAV before 0.97.7 has WWPack corrupt heap memory... Read more

    Affected Products : fedora debian_linux clamav
    • EPSS Score: %0.38
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7071

    Cross-site scripting (XSS) vulnerability in the handle_request function in lib/HTTPServer.pm in Monitorix before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.... Read more

    Affected Products : monitorix
    • EPSS Score: %0.58
    • Published: Dec. 31, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-7070

    The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the URI.... Read more

    Affected Products : monitorix
    • EPSS Score: %4.63
    • Published: Dec. 31, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291737 Results