Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2013-4665

    SPBAS Business Automation Software 2012 has CSRF.... Read more

    Affected Products : business_automation_software
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-4664

    SPBAS Business Automation Software 2012 has XSS.... Read more

    Affected Products : business_automation_software
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-4658

    Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share.... Read more

    Affected Products : ea6500_firmware ea6500
    • Published: Oct. 25, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-4657

    Symlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due to misconfiguration in the SMB service.... Read more

    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-4656

    Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service.... Read more

    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-4655

    Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service.... Read more

    Affected Products : n900_firmware n900
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-4654

    Symlink Traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND..... Read more

    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4621

    Magnolia CMS before 4.5.9 has multiple access bypass vulnerabilities... Read more

    Affected Products : magnolia_cms
    • Published: Dec. 27, 2019
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2013-4602

    A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine.... Read more

    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-4593

    RubyGem omniauth-facebook has an access token security vulnerability... Read more

    Affected Products : omniauth-facebook
    • Published: Dec. 11, 2019
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2013-4584

    Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections... Read more

    Affected Products : debian_linux perdition
    • Published: Nov. 15, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-4583

    The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositori... Read more

    Affected Products : gitlab gitlab-shell
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-4582

    The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote aut... Read more

    Affected Products : gitlab gitlab-shell
    • Published: Jan. 28, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-4572

    The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user.... Read more

    Affected Products : fedora mediawiki
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2013-4561

    In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.... Read more

    Affected Products : openshift
    • Published: Jun. 30, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-4536

    An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the p... Read more

    Affected Products : qemu
    • Published: May. 28, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-4535

    The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read.... Read more

    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-4532

    Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.... Read more

    Affected Products : ubuntu_linux debian_linux qemu
    • Published: Jan. 02, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4521

    RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data. NOTE: t... Read more

    Affected Products : nuxeo
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-4518

    RHUI (Red Hat Update Infrastructure) 2.1.3 has world readable PKI entitlement certificates... Read more

    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292795 Results