Search Results (1327 CVEs found)

CVE | Vendors | Products | Updated | CVSS v3.1
CVE-2013-7052 | 1 Dlink | 2 Dir-100, Dir-100 Firmware | 2024-08-06 | 9.8 Critical
D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script.
CVE-2013-7055 | 1 Dlink | 2 Dir-100, Dir-100 Firmware | 2024-08-06 | 9.8 Critical
D-Link DIR-100 4.03B07 has PPTP and poe information disclosure.
CVE-2013-6372 | 2 Jenkins-ci, Redhat | 2 Subversion-plugin, Openshift | 2024-08-06 | N/A
The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file.
CVE-2013-5113 | 1 Logmein | 1 Lastpass | 2024-08-06 | 6.8 Medium
LastPass prior to 2.5.1 has an insecure PIN implementation.
CVE-2013-4869 | 1 Cisco | 1 Unified Communications Manager | 2024-08-06 | N/A
Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) and the IM & Presence Service in Cisco Unified Presence Server through 9.1(2) use the same CTI and database-encryption key across different customers' installations, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key, aka Bug IDs CSCsc69187 and CSCui01756. NOTE: the vendor has provided a statement that the "hard-coded static encryption key is considered a hardening issue rather than a vulnerability, and as such, has a CVSS score of 0/0."
CVE-2013-4423 | 1 Redhat | 2 Cloudforms, Cloudforms Managementengine | 2024-08-06 | 5.5 Medium
CloudForms stores user passwords in recoverable format.
CVE-2013-4222 | 4 Canonical, Fedoraproject, Openstack and 1 more | 4 Ubuntu Linux, Fedora, Keystone and 1 more | 2024-08-06 | N/A
OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.