Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (84 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-6460 3 Debian, Nokogiri, Redhat 7 Debian Linux, Nokogiri, Cloudforms Management Engine and 4 more 2024-08-06 6.5 Medium
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
CVE-2013-6461 3 Debian, Nokogiri, Redhat 7 Debian Linux, Nokogiri, Cloudforms Management Engine and 4 more 2024-08-06 6.5 Medium
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
CVE-2013-4335 1 Openpne 1 Opopensocialplugin 2024-08-06 9.8 Critical
opOpenSocialPlugin 0.8.2.1, > 0.9.9.2, 0.9.13, 1.2.6: Multiple XML External Entity Injection Vulnerabilities
CVE-2013-4179 2 Openstack, Redhat 3 Compute, Havana, Openstack 2024-08-06 N/A
The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.