Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.1

    CRITICAL
    CVE-2013-4561

    In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.... Read more

    Affected Products : openshift
    • EPSS Score: %0.31
    • Published: Jun. 30, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-4536

    An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the p... Read more

    Affected Products : qemu
    • EPSS Score: %0.04
    • Published: May. 28, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-4535

    The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read.... Read more

    • EPSS Score: %0.38
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-4532

    Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.... Read more

    Affected Products : ubuntu_linux debian_linux qemu
    • EPSS Score: %0.23
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4521

    RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data. NOTE: t... Read more

    Affected Products : nuxeo
    • EPSS Score: %2.55
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-4518

    RHUI (Red Hat Update Infrastructure) 2.1.3 has world readable PKI entitlement certificates... Read more

    • EPSS Score: %0.08
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4486

    Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging... Read more

    Affected Products : linux_kernel zanata
    • EPSS Score: %0.60
    • Published: Dec. 03, 2019
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2013-4462

    WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability... Read more

    Affected Products : portable_phpmyadmin
    • EPSS Score: %1.19
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2013-4454

    WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities... Read more

    • EPSS Score: %0.88
    • Published: Feb. 18, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4451

    gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating (1) ~/.gitolite.rc, (2) ~/.gitolite, or (3) ~/repositories/gitolite-admin.git on fresh installs.... Read more

    Affected Products : gitolite
    • EPSS Score: %1.96
    • Published: Sep. 21, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4441

    The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.... Read more

    Affected Products : pwgen
    • EPSS Score: %0.43
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-4423

    CloudForms stores user passwords in recoverable format... Read more

    Affected Products : cloudforms
    • EPSS Score: %0.10
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-4412

    slim has NULL pointer dereference when using crypt() method from glibc 2.17... Read more

    Affected Products : debian_linux glibc slim
    • EPSS Score: %0.94
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2013-4411

    Review Board: URL processing gives unauthorized users access to review lists... Read more

    Affected Products : fedora reviewboard
    • EPSS Score: %0.51
    • Published: Dec. 03, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-4410

    ReviewBoard: has an access-control problem in REST API... Read more

    Affected Products : fedora reviewboard
    • EPSS Score: %0.97
    • Published: Dec. 02, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4409

    An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests.... Read more

    • EPSS Score: %1.17
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-4395

    Simple Machines Forum (SMF) through 2.0.5 has XSS... Read more

    Affected Products : simple_machines_forum
    • EPSS Score: %0.27
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2013-4374

    An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files.... Read more

    • EPSS Score: %0.10
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-4367

    ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'.... Read more

    Affected Products : linux_kernel ovirt-engine ovirt-engine
    • EPSS Score: %0.10
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-4364

    (1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp.... Read more

    Affected Products : openshift openshift
    • EPSS Score: %0.03
    • Published: Jan. 08, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 291741 Results