Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2013-6792

    Google Android prior to 4.4 has an APK Signature Security Bypass Vulnerability... Read more

    Affected Products : android
    • EPSS Score: %2.77
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2013-6785

    Directory traversal vulnerability in url_redirect.cgi in Supermicro IPMI before SMT_X9_315 allows authenticated attackers to read arbitrary files via the url_name parameter.... Read more

    • EPSS Score: %0.50
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-6773

    Splunk 5.0.3 has an Unquoted Service Path in Windows for Universal Forwarder which can allow an attacker to escalate privileges... Read more

    Affected Products : windows splunk
    • EPSS Score: %0.05
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2013-6772

    Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking... Read more

    Affected Products : splunk
    • EPSS Score: %0.21
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-6739

    IBM SPSS Modeler before 16 on UNIX allows remote authenticated users to bypass intended access restrictions via an SSO token. IBM X-Force ID: 89855.... Read more

    Affected Products : spss_modeler
    • EPSS Score: %0.08
    • Published: Apr. 27, 2018
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2013-6681

    Tube Map Live Underground for Android before 3.0.22 has an Information Disclosure Vulnerability... Read more

    Affected Products : tube_map
    • EPSS Score: %0.66
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-6495

    JBossWeb Bayeux has reflected XSS... Read more

    • EPSS Score: %0.34
    • Published: Dec. 11, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-6461

    Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits... Read more

    • EPSS Score: %2.05
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-6460

    Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents... Read more

    • EPSS Score: %2.52
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-6455

    The CentralAuth extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain usernames via vectors related to writing the names to the DOM of a page.... Read more

    Affected Products : mediawiki
    • EPSS Score: %0.39
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-6451

    Cross-site scripting (XSS) vulnerability in MediaWiki 1.19.9 before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via unspecified CSS values.... Read more

    Affected Products : mediawiki
    • EPSS Score: %0.30
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2013-6430

    The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) ... Read more

    Affected Products : spring_framework
    • EPSS Score: %0.34
    • Published: Jan. 10, 2020
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-6365

    Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions... Read more

    Affected Products : debian_linux opensuse groupware
    • EPSS Score: %0.33
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-6364

    Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book... Read more

    Affected Products : debian_linux groupware
    • EPSS Score: %2.29
    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-6362

    Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts.... Read more

    • EPSS Score: %0.45
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-6360

    TRENDnet TS-S402 has a backdoor to enable TELNET.... Read more

    Affected Products : ts-s402_firmware ts-s402
    • EPSS Score: %0.21
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2013-6358

    PrestaShop 1.5.5 allows remote authenticated attackers to execute arbitrary code by uploading a crafted profile and then accessing it in the module/ directory.... Read more

    Affected Products : prestashop
    • EPSS Score: %4.22
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-6295

    PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module... Read more

    Affected Products : prestashop
    • EPSS Score: %0.32
    • Published: Feb. 18, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-6277

    QNAP VioCard 300 has hardcoded RSA private keys.... Read more

    Affected Products : viocard_300_firmware viocard_300
    • EPSS Score: %0.29
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-6276

    QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. NOTE: 1. All active models are not affected. The last affected model was EOL since 2010. 2. The legacy authorization mechanism is no longer adopted in all active model... Read more

    • EPSS Score: %0.40
    • Published: Aug. 09, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292212 Results