Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2013-7055

    D-Link DIR-100 4.03B07 has PPTP and poe information disclosure... Read more

    Affected Products : dir-100 dir-100_firmware
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-7054

    D-Link DIR-100 4.03B07: cli.cgi XSS... Read more

    Affected Products : dir-100 dir-100_firmware
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-7053

    D-Link DIR-100 4.03B07: cli.cgi CSRF... Read more

    Affected Products : dir-100 dir-100_firmware
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-7052

    D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script... Read more

    Affected Products : dir-100 dir-100_firmware
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-7051

    D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters... Read more

    Affected Products : dir-100 dir-100_firmware
    • Published: Feb. 04, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-6927

    Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account.... Read more

    Affected Products : trilogi_server
    • Published: Feb. 13, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-6880

    Open redirect in proxy.php in FlashCanvas before 1.6 allows remote attackers to redirect users to arbitrary web sites and conduct cross-site scripting (XSS) attacks via the HTTP Referer header.... Read more

    Affected Products : flashcanvas
    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2013-6879

    The Mijosoft MijoSearch component 2.0.1 and earlier for Joomla! allows remote attackers to obtain sensitive information via a request to component/mijosearch/search, which reveals the installation path in an error message.... Read more

    Affected Products : mijosearch
    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-6878

    Cross-site scripting (XSS) vulnerability in the Mijosoft MijoSearch component 2.0.4 and earlier for Joomla! allows remote attackers to inject arbitrary web script or HTML via the query parameter to component/mijosearch/search.... Read more

    Affected Products : mijosearch
    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-6876

    The (1) pty_init_terminal and (2) pipe_init_terminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit a... Read more

    Affected Products : s3dvt
    • Published: Apr. 06, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2013-6811

    Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev. H1) allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management servi... Read more

    Affected Products : dsl6740u_firmware dsl6740u
    • Published: Nov. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2013-6792

    Google Android prior to 4.4 has an APK Signature Security Bypass Vulnerability... Read more

    Affected Products : android
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2013-6785

    Directory traversal vulnerability in url_redirect.cgi in Supermicro IPMI before SMT_X9_315 allows authenticated attackers to read arbitrary files via the url_name parameter.... Read more

    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2013-6773

    Splunk 5.0.3 has an Unquoted Service Path in Windows for Universal Forwarder which can allow an attacker to escalate privileges... Read more

    Affected Products : windows splunk
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2013-6772

    Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking... Read more

    Affected Products : splunk
    • Published: Jan. 23, 2020
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2013-6739

    IBM SPSS Modeler before 16 on UNIX allows remote authenticated users to bypass intended access restrictions via an SSO token. IBM X-Force ID: 89855.... Read more

    Affected Products : spss_modeler
    • Published: Apr. 27, 2018
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2013-6681

    Tube Map Live Underground for Android before 3.0.22 has an Information Disclosure Vulnerability... Read more

    Affected Products : tube_map
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2013-6495

    JBossWeb Bayeux has reflected XSS... Read more

    • Published: Dec. 11, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-6461

    Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits... Read more

    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2013-6460

    Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents... Read more

    • Published: Nov. 05, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 293330 Results