Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2013-1891

    In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.... Read more

    Affected Products : opencart windows
    • EPSS Score: %4.02
    • Published: Jun. 24, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-1889

    mod_ruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot.... Read more

    Affected Products : mod_ruid2
    • EPSS Score: %0.59
    • Published: Nov. 08, 2019
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2013-1867

    Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerability... Read more

    Affected Products : mac_os_x tokend
    • EPSS Score: %0.15
    • Published: Jan. 30, 2020
    • Modified: Nov. 21, 2024

  • 6.3

    MEDIUM
    CVE-2013-1866

    OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability... Read more

    Affected Products : mac_os_x opensc
    • EPSS Score: %0.15
    • Published: Jan. 30, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-1820

    tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service.... Read more

    Affected Products : fedora tuned
    • EPSS Score: %0.14
    • Published: Nov. 08, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-1817

    MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.... Read more

    • EPSS Score: %1.40
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-1816

    MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.... Read more

    • EPSS Score: %3.48
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2013-1811

    An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".... Read more

    Affected Products : debian_linux mantisbt
    • EPSS Score: %0.32
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-1809

    Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories.... Read more

    Affected Products : debian_linux gambas
    • EPSS Score: %1.70
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-1793

    openstack-utils openstack-db has insecure password creation... Read more

    Affected Products : openstack openstack_essex
    • EPSS Score: %0.28
    • Published: Dec. 10, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-1771

    The web server Monkeyd produces a world-readable log (/var/log/monkeyd/master.log) on gentoo.... Read more

    Affected Products : monkey
    • EPSS Score: %0.39
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-1760

    The Bug Genie before 3.2.6 has Multiple XSS and HTML Injection Vulnerabilities... Read more

    Affected Products : the_bug_genie
    • EPSS Score: %0.35
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-1753

    The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request.... Read more

    Affected Products : python
    • EPSS Score: %0.42
    • Published: Mar. 11, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-1751

    TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters.... Read more

    Affected Products : twiki
    • EPSS Score: %4.69
    • Published: Nov. 07, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-1744

    IRIS citations management tool through 1.3 allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : iris_citations_management_tool
    • EPSS Score: %19.52
    • Published: Jan. 25, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-1689

    Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames.... Read more

    Affected Products : firefox
    • EPSS Score: %0.36
    • Published: Dec. 10, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-1666

    Foswiki before 1.1.8 contains a code injection vulnerability in the MAKETEXT macro.... Read more

    Affected Products : foswiki
    • EPSS Score: %4.13
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-1642

    Multiple cross-site scripting (XSS) vulnerabilities in QuiXplorer before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) dir, (2) item, (3) order, (4) searchitem, (5) selitems[], or (6) srt parameter to index.php or (7) the... Read more

    Affected Products : quixplorer
    • EPSS Score: %0.57
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-1634

    A denial of service vulnerability exists in some motherboard implementations of Intel e1000e/82574L network controller devices through 2013-02-06 where the device can be brought into a non-processing state when parsing 32 hex, 33 hex, or 34 hex byte value... Read more

    • EPSS Score: %7.18
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-1631

    Verax NMS prior to 2.1.0 leaks connection details when any user executes a Repair Table action... Read more

    Affected Products : network_management_system
    • EPSS Score: %0.21
    • Published: Jan. 30, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291712 Results