Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2013-0737

    Cross-site scripting (XSS) vulnerability in BoltWire 3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the fieldnames parameter.... Read more

    Affected Products : boltwire
    • EPSS Score: %0.20
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-0725

    ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities... Read more

    Affected Products : erdas_er_viewer
    • EPSS Score: %0.06
    • Published: Jan. 30, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-0594

    Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383.... Read more

    Affected Products : inotes
    • EPSS Score: %0.15
    • Published: Jul. 11, 2018
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2013-0592

    Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815.... Read more

    Affected Products : inotes
    • EPSS Score: %0.13
    • Published: Jul. 11, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-0589

    IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371.... Read more

    Affected Products : inotes
    • EPSS Score: %0.17
    • Published: Jul. 11, 2018
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-0570

    The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology (BNT) switches running IBM Networking Operating System (aka NOS, formerly BLADE Operating System) floods data frames with unknown MAC addresses out on all... Read more

    • EPSS Score: %0.18
    • Published: Jul. 13, 2018
    • Modified: Nov. 21, 2024

  • 7.0

    HIGH
    CVE-2013-0522

    The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmis... Read more

    Affected Products : lotus_notes notes
    • EPSS Score: %0.04
    • Published: Jul. 16, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-0517

    A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code.... Read more

    • EPSS Score: %0.12
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2013-0507

    IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability... Read more

    Affected Products : infosphere_information_server
    • EPSS Score: %0.23
    • Published: Feb. 05, 2020
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2013-0342

    The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294.... Read more

    Affected Products : pyrad
    • EPSS Score: %1.29
    • Published: Dec. 09, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-0326

    OpenStack nova base images permissions are world readable... Read more

    Affected Products : debian_linux nova
    • EPSS Score: %0.11
    • Published: Dec. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2013-0294

    packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.... Read more

    Affected Products : fedora pyrad
    • EPSS Score: %1.88
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-0293

    oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation... Read more

    Affected Products : node
    • EPSS Score: %0.13
    • Published: Dec. 10, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-0291

    NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability... Read more

    Affected Products : nextgen_gallery
    • EPSS Score: %32.11
    • Published: Jan. 30, 2020
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2013-0286

    Pinboard 1.0.6 theme for Wordpress has XSS.... Read more

    Affected Products : pinboard
    • EPSS Score: %0.08
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2013-0283

    Katello: Username in Notification page has cross site scripting... Read more

    Affected Products : katello subscription_asset_manager
    • EPSS Score: %0.26
    • Published: Dec. 05, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-0267

    The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup, resourceGrant, or userGrant permissions to gain privileges, cause a denial ... Read more

    Affected Products : virtual_computing_lab vcl
    • EPSS Score: %0.35
    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-0264

    An import error was introduced in Cumin in the code refactoring in r5310. Server certificate validation is always disabled when connecting to Aviary servers, even if the installed packages on a system support it.... Read more

    Affected Products : mrg_management_console
    • EPSS Score: %0.14
    • Published: Dec. 30, 2019
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2013-0243

    haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections... Read more

    Affected Products : hs-tls
    • EPSS Score: %0.37
    • Published: Dec. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-0196

    A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' and the REST API has no CSRF attack protection mechanism. This can allow an attacker to obtain the credential and the Authorization: header when requesting... Read more

    Affected Products : enterprise_linux openshift openshift
    • EPSS Score: %0.11
    • Published: Dec. 30, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291647 Results