Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2013-6360

    TRENDnet TS-S402 has a backdoor to enable TELNET.... Read more

    Affected Products : ts-s402_firmware ts-s402
    • EPSS Score: %0.21
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2013-6358

    PrestaShop 1.5.5 allows remote authenticated attackers to execute arbitrary code by uploading a crafted profile and then accessing it in the module/ directory.... Read more

    Affected Products : prestashop
    • EPSS Score: %4.22
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-6295

    PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module... Read more

    Affected Products : prestashop
    • EPSS Score: %0.32
    • Published: Feb. 18, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-6277

    QNAP VioCard 300 has hardcoded RSA private keys.... Read more

    Affected Products : viocard_300_firmware viocard_300
    • EPSS Score: %0.29
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-6276

    QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. NOTE: 1. All active models are not affected. The last affected model was EOL since 2010. 2. The legacy authorization mechanism is no longer adopted in all active model... Read more

    • EPSS Score: %0.40
    • Published: Aug. 09, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-6275

    Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php.... Read more

    Affected Products : debian_linux groupware
    • EPSS Score: %1.94
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-6272

    The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone calls to arbitrary numbers, send mmi or ussd codes, or hangu... Read more

    Affected Products : android
    • EPSS Score: %0.14
    • Published: May. 02, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-6242

    Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite 6.22.3 before 6.22.3-rev5 and 6.22.4 before 6.22.4-rev12 allows remote attackers to inject arbitrary web script or HTML via the subject of an email. NOTE: the vulnerabi... Read more

    Affected Products : open-xchange_appsuite
    • EPSS Score: %0.75
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-6239

    Cross-site scripting (XSS) vulnerability in the photo gallery model in Exis Contexis before 2.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter in a detail action.... Read more

    Affected Products : exis_contexis
    • EPSS Score: %0.82
    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-6236

    IZON IP 2.0.2: hard-coded password vulnerability... Read more

    Affected Products : izon_ip_firmware izon_ip
    • EPSS Score: %43.57
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 8.0

    HIGH
    CVE-2013-6234

    Unrestricted file upload vulnerability in the Worksheet designer in SpagoBI before 4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an u... Read more

    Affected Products : spagobi
    • EPSS Score: %2.18
    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2013-6231

    SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script... Read more

    Affected Products : spagobi
    • EPSS Score: %35.65
    • Published: Jan. 10, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-6225

    LiveZilla 5.0.1.4 has a Remote Code Execution vulnerability... Read more

    Affected Products : livezilla
    • EPSS Score: %54.06
    • Published: Jan. 13, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-6056

    OSSIM before 4.3.3.1 has tele_compress.php path traversal vulnerability... Read more

    • EPSS Score: %0.40
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-6022

    A Cross-Site Scripting (XSS) vulnerability exists in Tiki Wiki CMG Groupware 11.0 via the id paraZeroClipboard.swf, which could let a remote malicious user execute arbitrary code.... Read more

    Affected Products : tikiwiki_cms\/groupware
    • EPSS Score: %0.21
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-5988

    A Cross-site Scripting (XSS) vulnerability exists in the All in One SEO Pack plugin before 2.0.3.1 for WordPress via the Search parameter.... Read more

    Affected Products : all_in_one_seo_pack
    • EPSS Score: %0.17
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-5978

    Multiple cross-site scripting (XSS) vulnerabilities in products.php in the Cart66 Lite plugin before 1.5.1.15 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) Product name or (2) Price description fields via a reques... Read more

    Affected Products : cart66_lite_plugin
    • EPSS Score: %2.48
    • Published: Dec. 11, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-5945

    Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 al... Read more

    • EPSS Score: %10.45
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-5743

    Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7.... Read more

    Affected Products : zabbix
    • EPSS Score: %82.37
    • Published: Dec. 11, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-5687

    RiskNet Acquirer before hotfix 6.0 b7+ADHOC-443 ApplicationServiceBean contains a service information disclosure.... Read more

    Affected Products : risknet_acquirer
    • EPSS Score: %0.30
    • Published: Feb. 14, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291750 Results