Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2013-4441

    The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.... Read more

    Affected Products : pwgen
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-4423

    CloudForms stores user passwords in recoverable format... Read more

    Affected Products : cloudforms
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-4412

    slim has NULL pointer dereference when using crypt() method from glibc 2.17... Read more

    Affected Products : debian_linux glibc slim
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2013-4411

    Review Board: URL processing gives unauthorized users access to review lists... Read more

    Affected Products : fedora reviewboard
    • Published: Dec. 03, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-4410

    ReviewBoard: has an access-control problem in REST API... Read more

    Affected Products : fedora reviewboard
    • Published: Dec. 02, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4409

    An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests.... Read more

    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-4395

    Simple Machines Forum (SMF) through 2.0.5 has XSS... Read more

    Affected Products : simple_machines_forum
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2013-4374

    An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files.... Read more

    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-4367

    ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'.... Read more

    Affected Products : linux_kernel ovirt-engine ovirt-engine
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-4364

    (1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp.... Read more

    Affected Products : openshift openshift
    • Published: Jan. 08, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-4357

    The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service.... Read more

    • Published: Dec. 31, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4335

    opOpenSocialPlugin 0.8.2.1, > 0.9.9.2, 0.9.13, 1.2.6: Multiple XML External Entity Injection Vulnerabilities... Read more

    Affected Products : opopensocialplugin
    • Published: Feb. 07, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-4334

    opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities... Read more

    Affected Products : opwebapiplugin
    • Published: Feb. 07, 2020
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2013-4333

    OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has an External Entity Injection Vulnerability... Read more

    Affected Products : openpne
    • Published: Jan. 24, 2020
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2013-4318

    File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory.... Read more

    Affected Products : feature
    • Published: Dec. 26, 2019
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2013-4317

    In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their own.... Read more

    Affected Products : cloudstack
    • Published: Feb. 06, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-4303

    includes/libs/IEUrlExtension.php in the MediaWiki API in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 does not properly detect extensions when there are an even number of "." (period) characters in a string, which allows ... Read more

    Affected Products : mediawiki
    • Published: Dec. 11, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-4280

    Insecure temporary file vulnerability in RedHat vsdm 4.9.6.... Read more

    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2013-4275

    Cross-site scripting (XSS) vulnerability in the zen_breadcrumb function in template.php in the Zen theme 6.x-1.x, 7.x-3.x before 7.x-3.2, and 7.x-5.x before 7.x-5.4 for Drupal allows remote authenticated users with the "administer themes" permission to in... Read more

    Affected Products : zen
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2013-4267

    Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archive_name parameter to the Power FS module (plugins/action.powerfs/class.PowerFSController.php), a (2) file name to the getTrustSizeOnFil... Read more

    Affected Products : pydio
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 292811 Results