Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2013-2672

    Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords.... Read more

    Affected Products : mfc-9970cdw_firmware mfc-9970cdw
    • EPSS Score: %0.68
    • Published: Feb. 03, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2646

    TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability.... Read more

    Affected Products : tl-wr1043nd_firmware tl-wr1043nd
    • EPSS Score: %0.32
    • Published: Feb. 03, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-2637

    A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code.... Read more

    Affected Products : opensuse otrs_itsm faq
    • EPSS Score: %1.43
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-2631

    TinyWebGallery (TWG) 1.8.9 and earlier contains a full path disclosure vulnerability which allows remote attackers to obtain sensitive information through the parameters "twg_browserx" and "twg_browsery" in the page image.php.... Read more

    Affected Products : tinywebgallery
    • EPSS Score: %0.31
    • Published: Feb. 03, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-2625

    An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified... Read more

    • EPSS Score: %0.18
    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-2624

    Telean before 1.3.1 contains a full path disclosure vulnerability which could allow remote attackers to obtain sensitive information through a specially crafted URL request.... Read more

    Affected Products : telaen
    • EPSS Score: %9.40
    • Published: Feb. 03, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-2623

    Cross-site Scripting (XSS) in Telaen before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the "f_email" parameter in index.php.... Read more

    Affected Products : telaen
    • EPSS Score: %2.63
    • Published: Feb. 03, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-2622

    Cross-site Scripting (XSS) in UebiMiau 2.7.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the "selected_theme" parameter in error.php.... Read more

    Affected Products : uebimiau
    • EPSS Score: %0.30
    • Published: Feb. 03, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-2621

    Open Redirection Vulnerability in the redir.php script in Telaen before 1.3.1 allows remote attackers to redirect victims to arbitrary websites via a crafted URL.... Read more

    Affected Products : telaen
    • EPSS Score: %10.19
    • Published: Feb. 03, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-2612

    Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI.... Read more

    Affected Products : e587_firmware e587
    • EPSS Score: %5.72
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2600

    MiniUPnPd has information disclosure use of snprintf()... Read more

    Affected Products : debian_linux miniupnpd
    • EPSS Score: %0.49
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2574

    An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information.... Read more

    Affected Products : fi8620_firmware fi8620
    • EPSS Score: %30.51
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-2573

    A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.... Read more

    • EPSS Score: %22.39
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2572

    A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access ... Read more

    • EPSS Score: %49.29
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2571

    Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer.... Read more

    Affected Products : xpient_iris
    • EPSS Score: %62.05
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2570

    A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.... Read more

    • EPSS Score: %29.42
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2569

    A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream.... Read more

    • EPSS Score: %68.04
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-2568

    A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.... Read more

    • EPSS Score: %57.51
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2567

    An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information.... Read more

    • EPSS Score: %52.74
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-2565

    A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.... Read more

    Affected Products : mambo_cms
    • EPSS Score: %0.26
    • Published: Feb. 15, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291672 Results