Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2013-4985

    Multiple Vivotek IP Cameras remote authentication bypass that could allow access to the video stream... Read more

    • EPSS Score: %25.16
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4982

    AVTECH AVN801 DVR has a security bypass via the administration login captcha... Read more

    Affected Products : avn801_dvr_firmware avn801_dvr
    • EPSS Score: %4.00
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4976

    Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials... Read more

    Affected Products : ds-2cd7153-e_firmware ds-2cd7153-e
    • EPSS Score: %9.35
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2013-4975

    Hikvision DS-2CD7153-E IP Camera has Privilege Escalation... Read more

    Affected Products : ds-2cd7153-e_firmware ds-2cd7153-e
    • EPSS Score: %14.07
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-4968

    Puppet Enterprise before 3.0.1 allows remote attackers to (1) conduct clickjacking attacks via unspecified vectors related to the console, and (2) conduct cross-site scripting (XSS) attacks via unspecified vectors related to "live management."... Read more

    Affected Products : puppet_enterprise
    • EPSS Score: %0.33
    • Published: Dec. 11, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-4891

    The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag.... Read more

    Affected Products : codeigniter
    • EPSS Score: %0.27
    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-4868

    Karotz API 12.07.19.00: Session Token Information Disclosure... Read more

    Affected Products : api
    • EPSS Score: %22.15
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2013-4867

    Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking... Read more

    • EPSS Score: %1.03
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-4865

    Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to hijack the authentication of users for requests that install arbitrary firmware via the squashfs parameter.... Read more

    Affected Products : veralite_firmware veralite
    • EPSS Score: %0.16
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4864

    MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (SSRF) issue.... Read more

    Affected Products : veralite_firmware veralite
    • EPSS Score: %30.46
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2013-4863

    The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbit... Read more

    Affected Products : veralite_firmware veralite
    • EPSS Score: %29.41
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2013-4862

    MiCasaVerde VeraLite with firmware 1.5.408 does not properly restrict access, which allows remote authenticated users to (1) update the firmware via the squashfs parameter to upgrade_step2.sh or (2) obtain hashed passwords via the cgi-bin/cmh/backup.sh pa... Read more

    Affected Products : veralite_firmware veralite
    • EPSS Score: %7.94
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-4861

    Directory traversal vulnerability in cgi-bin/cmh/get_file.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote authenticated users to read arbirary files via a .. (dot dot) in the filename parameter.... Read more

    Affected Products : veralite_firmware veralite
    • EPSS Score: %14.56
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2013-4859

    INSTEON Hub 2242-222 lacks Web and API authentication... Read more

    Affected Products : hub_firmware hub
    • EPSS Score: %8.60
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4857

    D-Link DIR-865L has PHP File Inclusion in the router xml file.... Read more

    Affected Products : dir-865l_firmware dir-865l
    • EPSS Score: %1.32
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-4856

    D-Link DIR-865L has Information Disclosure.... Read more

    Affected Products : dir-865l_firmware dir-865l
    • EPSS Score: %0.23
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-4855

    D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share.... Read more

    Affected Products : dir-865l_firmware dir-865l
    • EPSS Score: %0.30
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2013-4848

    TP-Link TL-WDR4300 version 3.13.31 has multiple CSRF vulnerabilities.... Read more

    Affected Products : tl-wdr4300_firmware tl-wdr4300
    • EPSS Score: %0.23
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-4796

    ReviewBoard 1.6.17 allows code execution by attaching PHP scripts to review request... Read more

    Affected Products : reviewboard
    • EPSS Score: %0.63
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-4792

    PrestaShop before 1.4.11 allows logout CSRF.... Read more

    Affected Products : prestashop
    • EPSS Score: %0.10
    • Published: Feb. 14, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291728 Results