Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2013-2294

    Multiple cross-site scripting (XSS) vulnerabilities in ViewGit before 0.0.7 allow remote repository users to inject arbitrary web script or HTML via a (1) tag name to the Shortlog table in templates/shortlog.php or branch name to the (2) Shortlog table in... Read more

    Affected Products : viewgit
    • Published: Jan. 30, 2020
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2013-2267

    PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system.... Read more

    Affected Products : fudforum
    • Published: Jan. 27, 2020
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2262

    Cryptocat strophe.js before 2.0.22 has information disclosure... Read more

    Affected Products : cryptocat
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2261

    Cryptocat before 2.0.22 Chrome Extension 'img/keygen.gif' has Information Disclosure... Read more

    Affected Products : cryptocat
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2260

    Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness... Read more

    Affected Products : cryptocat
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2259

    Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview... Read more

    Affected Products : cryptocat
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-2258

    Cryptocat before 2.0.22 has Nickname User Impersonation... Read more

    Affected Products : cryptocat
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2257

    Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness... Read more

    Affected Products : cryptocat
    • Published: Nov. 04, 2019
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2013-2255

    HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.... Read more

    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2013-2233

    Ansible before 1.2.1 makes it easier for remote attackers to conduct man-in-the-middle attacks by leveraging failure to cache SSH host keys.... Read more

    Affected Products : ansible
    • Published: May. 04, 2018
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2013-2228

    SaltStack RSA Key Generation allows remote users to decrypt communications... Read more

    Affected Products : salt saltstack
    • Published: Dec. 03, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2013-2227

    GLPI 0.83.7 has Local File Inclusion in common.tabs.php.... Read more

    Affected Products : debian_linux glpi
    • Published: Nov. 01, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-2213

    The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by ... Read more

    Affected Products : paste_applet
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2198

    The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username.... Read more

    Affected Products : login_security
    • Published: Jan. 30, 2020
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2013-2183

    Monkey HTTP Daemon has local security bypass... Read more

    Affected Products : monkey
    • Published: Dec. 10, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2167

    python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass... Read more

    • Published: Dec. 10, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2166

    python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass... Read more

    • Published: Dec. 10, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-2159

    Monkey HTTP Daemon: broken user name authentication... Read more

    Affected Products : monkey
    • Published: Dec. 10, 2019
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2013-2120

    The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack.... Read more

    Affected Products : paste_applet
    • Published: Feb. 11, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-2109

    WordPress plugin wp-cleanfix has Remote Code Execution... Read more

    Affected Products : wp_cleanfix
    • Published: Feb. 10, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 292802 Results