Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2013-1599

    A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, D... Read more

    • EPSS Score: %92.28
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2013-1598

    A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code.... Read more

    Affected Products : pt7135_firmware pt7135
    • EPSS Score: %32.16
    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-1597

    A Directory Traversal vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via a specially crafted GET request, which could let a malicious user obtain user credentials.... Read more

    Affected Products : pt7135_firmware pt7135
    • EPSS Score: %10.88
    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-1596

    An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via specially crafted RTSP packets to TCP port 554.... Read more

    Affected Products : pt7135_firmware pt7135
    • EPSS Score: %21.88
    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-1595

    A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial ... Read more

    Affected Products : pt7135_firmware pt7135
    • EPSS Score: %3.88
    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-1594

    An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text.... Read more

    Affected Products : pt7135_firmware pt7135
    • EPSS Score: %22.44
    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-1593

    A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN.... Read more

    Affected Products : netweaver
    • EPSS Score: %2.66
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-1592

    A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04... Read more

    Affected Products : netweaver
    • EPSS Score: %68.89
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-1437

    Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value.... Read more

    Affected Products : fedora module-metadata
    • EPSS Score: %0.94
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2013-1429

    Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks.... Read more

    Affected Products : ubuntu_linux debian_linux lintian
    • EPSS Score: %0.79
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-1426

    Cross-site Scripting (XSS) in Mahara before 1.5.9 and 1.6.x before 1.6.4 allows remote attackers to inject arbitrary web script or HTML via the TinyMCE editor.... Read more

    Affected Products : mahara
    • EPSS Score: %0.41
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-1425

    ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions.... Read more

    Affected Products : debian_linux ldap_git_backup
    • EPSS Score: %0.10
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-1422

    webcalendar before 1.2.7 shows the reason for a failed login (e.g., "no such user").... Read more

    Affected Products : webcalendar
    • EPSS Score: %0.32
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-1420

    Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to backup-edit.php; (2) title or (3) menu parameter to edit.php; or (4) path or (5) re... Read more

    Affected Products : getsimple_cms
    • EPSS Score: %0.42
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-1410

    Perforce P4web 2011.1 and 2012.1 has multiple XSS vulnerabilities... Read more

    Affected Products : p4web
    • EPSS Score: %0.76
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-1401

    Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll functions in WordPress Poll Plugin 34.5 for WordPress allow a remote attacker to add, edit, and delete an answer and delete a poll.... Read more

    Affected Products : wordpress_poll
    • EPSS Score: %4.56
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-1400

    Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or poll_id parameter in a viewPollResults or userlogs action.... Read more

    Affected Products : wordpress_poll
    • EPSS Score: %2.31
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-1391

    Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configuration.... Read more

    • EPSS Score: %84.10
    • Published: Oct. 30, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-1360

    An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the S... Read more

    • EPSS Score: %57.72
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-1359

    An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck ... Read more

    • EPSS Score: %89.13
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291647 Results