Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2013-4090

    Varnish HTTP cache before 3.0.4: ACL bug... Read more

    Affected Products : varnish_cache
    • EPSS Score: %0.35
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-4088

    Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted ticket... Read more

    Affected Products : otrs
    • EPSS Score: %1.31
    • Published: Feb. 21, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-4040

    IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading... Read more

    • EPSS Score: %0.04
    • Published: May. 01, 2018
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2013-4035

    IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and... Read more

    Affected Products : sterling_connect
    • EPSS Score: %0.06
    • Published: May. 01, 2018
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2013-3960

    Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass... Read more

    Affected Products : easy_file_manager
    • EPSS Score: %0.68
    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-3947

    Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local users to gain privileges via a crafted 0xA3350014 IOCTL call.... Read more

    Affected Products : v3_internet_security
    • EPSS Score: %0.05
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-3946

    Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header.... Read more

    Affected Products : mrsid
    • EPSS Score: %4.92
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-3945

    The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag.... Read more

    Affected Products : mrsid
    • EPSS Score: %1.79
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-3944

    Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag.... Read more

    Affected Products : mrsid
    • EPSS Score: %10.83
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-3942

    Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vulnerability... Read more

    Affected Products : potplayer
    • EPSS Score: %0.23
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-3941

    Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a ... Read more

    Affected Products : xnview
    • EPSS Score: %5.32
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-3939

    xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension err... Read more

    Affected Products : xnview
    • EPSS Score: %1.01
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-3937

    Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.... Read more

    Affected Products : xnview
    • EPSS Score: %1.16
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-3936

    Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 and Opsview Core before 20130522 allow remote attackers to inject arbitrary web script or HTML.... Read more

    Affected Products : opsview opsview_core
    • EPSS Score: %0.28
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-3935

    Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4.1 and Opsview Core before 20130522 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via unspecified vectors.... Read more

    Affected Products : opsview opsview_core
    • EPSS Score: %0.13
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-3932

    SQL injection vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to execute arbitrary SQL commands via the id parameter in an editProfile action to administr... Read more

    Affected Products : jomres
    • EPSS Score: %1.34
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2013-3931

    Cross-site scripting (XSS) vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to inject arbitrary web script or HTML via the property_name parameter, related... Read more

    Affected Products : jomres
    • EPSS Score: %0.26
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-3738

    A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code.... Read more

    Affected Products : zabbix
    • EPSS Score: %2.86
    • Published: Feb. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-3725

    Invision Power Board (IPB) through 3.x allows admin account takeover leading to code execution.... Read more

    Affected Products : invision_power_board
    • EPSS Score: %0.88
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-3722

    A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in lookup.c.... Read more

    Affected Products : opensips
    • EPSS Score: %0.33
    • Published: Feb. 17, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291777 Results