Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2013-4859

    INSTEON Hub 2242-222 lacks Web and API authentication... Read more

    Affected Products : hub_firmware hub
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4857

    D-Link DIR-865L has PHP File Inclusion in the router xml file.... Read more

    Affected Products : dir-865l_firmware dir-865l
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-4856

    D-Link DIR-865L has Information Disclosure.... Read more

    Affected Products : dir-865l_firmware dir-865l
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-4855

    D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share.... Read more

    Affected Products : dir-865l_firmware dir-865l
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2013-4848

    TP-Link TL-WDR4300 version 3.13.31 has multiple CSRF vulnerabilities.... Read more

    Affected Products : tl-wdr4300_firmware tl-wdr4300
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-4796

    ReviewBoard 1.6.17 allows code execution by attaching PHP scripts to review request... Read more

    Affected Products : reviewboard
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-4792

    PrestaShop before 1.4.11 allows logout CSRF.... Read more

    Affected Products : prestashop
    • Published: Feb. 14, 2020
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2013-4791

    PrestaShop before 1.4.11 allows Logistician, translators and other low level profiles/accounts to inject a persistent XSS vector on TinyMCE.... Read more

    Affected Products : prestashop
    • Published: Feb. 14, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-4770

    Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : eucalyptus_management_console
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2013-4764

    Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission.... Read more

    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 4.6

    MEDIUM
    CVE-2013-4763

    Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission.... Read more

    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-4752

    Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5, and 2.3.X before 2.3.3 have an issue in the HttpFoundation component. The Host header can be manipulated by an attacker when the framework is generating an absolute URL. A remote attack... Read more

    Affected Products : fedora symfony
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2013-4751

    php-symfony2-Validator has loss of information during serialization... Read more

    Affected Products : enterprise_linux fedora symfony
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4743

    Static HTTP Server 1.0 has a Local Overflow... Read more

    Affected Products : static_http_server
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2013-4718

    Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) ITSM 3.0.x before 3.0.9, 3.1.x before 3.1.10, and 3.2.x before 3.2.7 allows remote authenticated users to inject arbitrary web script or HTML via an ITSM ConfigItem search.... Read more

    Affected Products : otrs otrs_itsm
    • Published: Aug. 09, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-4717

    Multiple SQL injection vulnerabilities in Open Ticket Request System (OTRS) Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to Ke... Read more

    Affected Products : otrs otrs_itsm
    • Published: Aug. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-4695

    Winamp 5.63: Invalid Pointer Dereference leading to Arbitrary Code Execution... Read more

    Affected Products : winamp
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-4693

    WordPress Xorbin Digital Flash Clock 1.0 has XSS... Read more

    Affected Products : digital_flash_clock
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-4692

    Xorbin Analog Flash Clock 1.0 extension for Joomia has XSS... Read more

    Affected Products : analog_flash_clock
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-4691

    Sencha Labs Connect has XSS with connect.methodOverride()... Read more

    Affected Products : connect
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292775 Results