Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether the vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 5.4

    MEDIUM
    CVE-2013-0283

    Katello: Username in Notification page has cross site scripting...

    Affected Products : katello subscription_asset_manager
    • EPSS Score: 0.26%
    • Published: Dec. 05, 2019
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2013-0267

    The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup, resourceGrant, or userGrant permissions to gain privileges, cause a denial ...

    Affected Products : virtual_computing_lab vcl
    • EPSS Score: 0.35%
    • Published: Feb. 21, 2018
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2013-0264

    An import error was introduced in Cumin in the code refactoring in r5310. Server certificate validation is always disabled when connecting to Aviary servers, even if the installed packages on a system support it....

    Affected Products : mrg_management_console
    • EPSS Score: 0.14%
    • Published: Dec. 30, 2019
    • Modified: Nov. 21, 2024
  • 7.4

    HIGH
    CVE-2013-0243

    haskell-tls-extra before 0.6.1 has a Basic Constraints attribute vulnerability that may lead to man-in-the-middle attacks on TLS connections...

    Affected Products : hs-tls
    • EPSS Score: 0.37%
    • Published: Dec. 05, 2019
    • Modified: Nov. 21, 2024
  • 6.5

    MEDIUM
    CVE-2013-0196

    A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' and the REST API has no CSRF attack protection mechanism. This can allow an attacker to obtain the credential and the Authorization: header when requesting...

    Affected Products : enterprise_linux openshift openshift
    • EPSS Score: 0.11%
    • Published: Dec. 30, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2013-0195

    Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0194....

    Affected Products : matomo
    • EPSS Score: 0.47%
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2013-0194

    Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0195....

    Affected Products : matomo
    • EPSS Score: 0.47%
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2013-0193

    Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0194 and CVE-2013-0195....

    Affected Products : matomo
    • EPSS Score: 0.47%
    • Published: Nov. 20, 2019
    • Modified: Nov. 21, 2024
  • 4.9

    MEDIUM
    CVE-2013-0192

    File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config....

    Affected Products : simple_machines_forum
    • EPSS Score: 5.92%
    • Published: Feb. 07, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2013-0186

    Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allow remote attackers to inject arbitrary web script or HTML via unspecified vectors....

    • EPSS Score: 0.40%
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024
  • 8.8

    HIGH
    CVE-2013-0185

    Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise Virtualization Manager (EVM) allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors....

    • EPSS Score: 0.20%
    • Published: May. 01, 2018
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2013-0180

    Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds....

    Affected Products : redis
    • EPSS Score: 0.04%
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2013-0178

    Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm....

    Affected Products : redis
    • EPSS Score: 0.14%
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024
  • 7.5

    HIGH
    CVE-2013-0165

    cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp....

    Affected Products : openshift
    • EPSS Score: 0.34%
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024
  • 5.5

    MEDIUM
    CVE-2013-0163

    OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS...

    Affected Products : openshift openshift
    • EPSS Score: 0.12%
    • Published: Dec. 05, 2019
    • Modified: Nov. 21, 2024
  • 5.4

    MEDIUM
    CVE-2013-0161

    Havalite CMS 1.1.7 has a stored XSS vulnerability...

    Affected Products : havalite
    • EPSS Score: 0.30%
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024
  • 7.1

    HIGH
    CVE-2013-0159

    The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg....

    Affected Products : fedora
    • EPSS Score: 0.04%
    • Published: May. 01, 2018
    • Modified: Nov. 21, 2024
  • 6.8

    MEDIUM
    CVE-2012-6721

    Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Forum, (2) Event, and (3) Classifieds plugins in SocialEngine before 4.2.4....

    Affected Products : socialengine
    • EPSS Score: 0.11%
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024
  • 6.1

    MEDIUM
    CVE-2012-6720

    Multiple cross-site scripting (XSS) vulnerabilities in SocialEngine before 4.2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to music/create, (2) location parameter to events/create, or (3) search parameter to...

    Affected Products : socialengine
    • EPSS Score: 0.22%
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024
  • 9.8

    CRITICAL
    CVE-2012-6719

    The sharebar plugin before 1.2.2 for WordPress has SQL injection....

    Affected Products : sharebar
    • EPSS Score: 0.55%
    • Published: Aug. 28, 2019
    • Modified: Nov. 21, 2024