Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2013-7172

    Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges.... Read more

    Affected Products : slackware_linux
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-7171

    Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges.... Read more

    Affected Products : slackware_linux
    • Published: Nov. 21, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7098

    OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection.... Read more

    Affected Products : openconnect
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-7089

    ClamAV before 0.97.7: dbg_printhex possible information leak... Read more

    Affected Products : fedora debian_linux clamav
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7088

    ClamAV before 0.97.7 has buffer overflow in the libclamav component... Read more

    Affected Products : fedora debian_linux clamav
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7087

    ClamAV before 0.97.7 has WWPack corrupt heap memory... Read more

    Affected Products : fedora debian_linux clamav
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7071

    Cross-site scripting (XSS) vulnerability in the handle_request function in lib/HTTPServer.pm in Monitorix before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.... Read more

    Affected Products : monitorix
    • Published: Dec. 31, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-7070

    The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the URI.... Read more

    Affected Products : monitorix
    • Published: Dec. 31, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7062

    Multiple cross-site scripting (XSS) vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unsp... Read more

    Affected Products : plone
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7055

    D-Link DIR-100 4.03B07 has PPTP and poe information disclosure... Read more

    Affected Products : dir-100 dir-100_firmware
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7054

    D-Link DIR-100 4.03B07: cli.cgi XSS... Read more

    Affected Products : dir-100 dir-100_firmware
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-7053

    D-Link DIR-100 4.03B07: cli.cgi CSRF... Read more

    Affected Products : dir-100 dir-100_firmware
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7052

    D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script... Read more

    Affected Products : dir-100 dir-100_firmware
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-7051

    D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters... Read more

    Affected Products : dir-100 dir-100_firmware
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-6927

    Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account.... Read more

    Affected Products : trilogi_server
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-6880

    Open redirect in proxy.php in FlashCanvas before 1.6 allows remote attackers to redirect users to arbitrary web sites and conduct cross-site scripting (XSS) attacks via the HTTP Referer header.... Read more

    Affected Products : flashcanvas
    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-6879

    The Mijosoft MijoSearch component 2.0.1 and earlier for Joomla! allows remote attackers to obtain sensitive information via a request to component/mijosearch/search, which reveals the installation path in an error message.... Read more

    Affected Products : mijosearch
    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-6878

    Cross-site scripting (XSS) vulnerability in the Mijosoft MijoSearch component 2.0.4 and earlier for Joomla! allows remote attackers to inject arbitrary web script or HTML via the query parameter to component/mijosearch/search.... Read more

    Affected Products : mijosearch
    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-6876

    The (1) pty_init_terminal and (2) pipe_init_terminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit a... Read more

    Affected Products : s3dvt
    • Published: Apr. 06, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-6811

    Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev. H1) allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management servi... Read more

    Affected Products : dsl6740u_firmware dsl6740u
    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292765 Results