Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.8

    MEDIUM
    CVE-2013-7489

    The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.... Read more

    Affected Products : beaker
    • EPSS Score: %0.05
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-7488

    perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input.... Read more

    Affected Products : fedora \
    • EPSS Score: %1.01
    • Published: Apr. 07, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7487

    On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to “system”, which allows remote attackers to execute arbitrary code via TCP port 9000.... Read more

    • EPSS Score: %2.92
    • Published: Mar. 21, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7486

    Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev27 and 7.4.x before 7.4.0-rev20 allows remote attackers to inject arbitrary web script or HTML via the body of an email. NOTE: this vulnerability w... Read more

    Affected Products : open-xchange_appsuite
    • EPSS Score: %0.92
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7485

    Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev26 and 7.4.x before 7.4.0-rev16 allows remote attackers to inject arbitrary web script or HTML via the publication name, which is not properly hand... Read more

    Affected Products : open-xchange_appsuite
    • EPSS Score: %0.95
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-7484

    Zabbix before 5.0 represents passwords in the users table with unsalted MD5.... Read more

    Affected Products : zabbix
    • EPSS Score: %0.21
    • Published: Nov. 30, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7483

    The slidedeck2 plugin before 2.3.5 for WordPress has file inclusion.... Read more

    Affected Products : slidedeck_2
    • EPSS Score: %0.84
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7482

    The reflex-gallery plugin before 1.4.3 for WordPress has XSS.... Read more

    Affected Products : reflex_gallery
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7481

    The contact-form-plugin plugin before 3.3.5 for WordPress has XSS.... Read more

    Affected Products : contact_form
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7480

    The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas.... Read more

    Affected Products : events_manager events_manager
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7479

    The events-manager plugin before 5.3.9 for WordPress has XSS in the search form field.... Read more

    Affected Products : events_manager events_manager
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7478

    The events-manager plugin before 5.5 for WordPress has XSS via EM_Ticket::get_post.... Read more

    Affected Products : events_manager events_manager
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7477

    The events-manager plugin before 5.5.2 for WordPress has XSS in the booking form.... Read more

    Affected Products : events_manager events_manager
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-7476

    The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface.... Read more

    Affected Products : simple_fields
    • EPSS Score: %0.09
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7475

    The contact-form-plugin plugin before 3.52 for WordPress has XSS.... Read more

    Affected Products : contact_form
    • EPSS Score: %0.19
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7474

    Windu CMS 2.2 allows XSS via the name parameter to admin/content/edit or admin/content/add, or the username parameter to admin/users.... Read more

    Affected Products : windu_cms
    • EPSS Score: %0.24
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-7473

    Windu CMS 2.2 allows CSRF via admin/users/?mn=admin.message.error to add an admin account.... Read more

    Affected Products : windu_cms
    • EPSS Score: %0.14
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7472

    The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter.... Read more

    Affected Products : count_per_day
    • EPSS Score: %0.44
    • Published: Jun. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7471

    An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11, DIR-300 rev. B, and DIR-865 devices. There is Command Injection via shell metacharacters in the NewInternalClient, ... Read more

    • EPSS Score: %35.76
    • Published: Jun. 11, 2019
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2013-7470

    cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite loop and crash), as demonstrated by icmpsic, a different vulnerability than CVE-2013... Read more

    Affected Products : linux_kernel
    • EPSS Score: %1.27
    • Published: Apr. 23, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291810 Results