Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2013-2569

    A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream.... Read more

    • EPSS Score: %68.04
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-2568

    A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.... Read more

    • EPSS Score: %57.51
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2567

    An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information.... Read more

    • EPSS Score: %52.74
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-2565

    A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.... Read more

    Affected Products : mambo_cms
    • EPSS Score: %0.26
    • Published: Feb. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2013-2516

    Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell.... Read more

    Affected Products : fileutils
    • EPSS Score: %2.38
    • Published: Feb. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2513

    The flash_tool gem through 0.6.0 for Ruby allows command execution via shell metacharacters in the name of a downloaded file.... Read more

    Affected Products : flash_tool
    • EPSS Score: %0.59
    • Published: Dec. 12, 2023
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-2512

    The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic.... Read more

    Affected Products : ftpd
    • EPSS Score: %2.84
    • Published: Jan. 26, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2499

    SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in 'user_manager.php' via spoofing a cookie.... Read more

    Affected Products : simplehrm
    • EPSS Score: %1.16
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2474

    Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter.... Read more

    Affected Products : aws_xms
    • EPSS Score: %34.23
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-2294

    Multiple cross-site scripting (XSS) vulnerabilities in ViewGit before 0.0.7 allow remote repository users to inject arbitrary web script or HTML via a (1) tag name to the Shortlog table in templates/shortlog.php or branch name to the (2) Shortlog table in... Read more

    Affected Products : viewgit
    • EPSS Score: %4.74
    • Published: Jan. 30, 2020
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2013-2267

    PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system.... Read more

    Affected Products : fudforum
    • EPSS Score: %12.80
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2262

    Cryptocat strophe.js before 2.0.22 has information disclosure... Read more

    Affected Products : cryptocat
    • EPSS Score: %0.47
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2261

    Cryptocat before 2.0.22 Chrome Extension 'img/keygen.gif' has Information Disclosure... Read more

    Affected Products : cryptocat
    • EPSS Score: %7.85
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2260

    Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness... Read more

    Affected Products : cryptocat
    • EPSS Score: %0.50
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2259

    Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview... Read more

    Affected Products : cryptocat
    • EPSS Score: %0.72
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-2258

    Cryptocat before 2.0.22 has Nickname User Impersonation... Read more

    Affected Products : cryptocat
    • EPSS Score: %0.42
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2257

    Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness... Read more

    Affected Products : cryptocat
    • EPSS Score: %0.42
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2013-2255

    HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.... Read more

    • EPSS Score: %0.41
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2013-2233

    Ansible before 1.2.1 makes it easier for remote attackers to conduct man-in-the-middle attacks by leveraging failure to cache SSH host keys.... Read more

    Affected Products : ansible
    • EPSS Score: %0.37
    • Published: May. 04, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2013-2228

    SaltStack RSA Key Generation allows remote users to decrypt communications... Read more

    Affected Products : salt saltstack
    • EPSS Score: %1.02
    • Published: Dec. 03, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291751 Results