Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2013-7203

    gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup.... Read more

    Affected Products : gitolite
    • EPSS Score: %0.08
    • Published: Sep. 21, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2013-7202

    The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system.... Read more

    Affected Products : paypal
    • EPSS Score: %1.40
    • Published: Apr. 27, 2018
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2013-7201

    WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.... Read more

    Affected Products : paypal
    • EPSS Score: %0.90
    • Published: Apr. 27, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-7185

    PotPlayer 1.5.40688: .avi File Memory Corruption... Read more

    Affected Products : potplayer
    • EPSS Score: %1.64
    • Published: Jan. 14, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-7173

    Belkin n750 routers have a buffer overflow.... Read more

    Affected Products : n750_firmware n750
    • EPSS Score: %0.45
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-7172

    Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges.... Read more

    Affected Products : slackware_linux
    • EPSS Score: %0.13
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-7171

    Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges.... Read more

    Affected Products : slackware_linux
    • EPSS Score: %4.07
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7098

    OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection.... Read more

    Affected Products : openconnect
    • EPSS Score: %0.68
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-7089

    ClamAV before 0.97.7: dbg_printhex possible information leak... Read more

    Affected Products : fedora debian_linux clamav
    • EPSS Score: %0.36
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7088

    ClamAV before 0.97.7 has buffer overflow in the libclamav component... Read more

    Affected Products : fedora debian_linux clamav
    • EPSS Score: %0.54
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7087

    ClamAV before 0.97.7 has WWPack corrupt heap memory... Read more

    Affected Products : fedora debian_linux clamav
    • EPSS Score: %0.38
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7071

    Cross-site scripting (XSS) vulnerability in the handle_request function in lib/HTTPServer.pm in Monitorix before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.... Read more

    Affected Products : monitorix
    • EPSS Score: %0.58
    • Published: Dec. 31, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-7070

    The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the URI.... Read more

    Affected Products : monitorix
    • EPSS Score: %4.63
    • Published: Dec. 31, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7062

    Multiple cross-site scripting (XSS) vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unsp... Read more

    Affected Products : plone
    • EPSS Score: %0.76
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7055

    D-Link DIR-100 4.03B07 has PPTP and poe information disclosure... Read more

    Affected Products : dir-100 dir-100_firmware
    • EPSS Score: %49.26
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7054

    D-Link DIR-100 4.03B07: cli.cgi XSS... Read more

    Affected Products : dir-100 dir-100_firmware
    • EPSS Score: %14.46
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-7053

    D-Link DIR-100 4.03B07: cli.cgi CSRF... Read more

    Affected Products : dir-100 dir-100_firmware
    • EPSS Score: %1.31
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7052

    D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script... Read more

    Affected Products : dir-100 dir-100_firmware
    • EPSS Score: %42.70
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-7051

    D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters... Read more

    Affected Products : dir-100 dir-100_firmware
    • EPSS Score: %5.48
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-6927

    Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account.... Read more

    Affected Products : trilogi_server
    • EPSS Score: %0.06
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291750 Results