Export limit exceeded: 356244 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10172 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-0164 | 1 Wpdevart | 1 Coming Soon And Maintenance Mode | 2024-11-21 | 4.3 Medium |
| The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its coming_soon_send_mail AJAX action, allowing any authenticated users, with a role as low as subscriber to send arbitrary emails to all subscribed users | ||||
| CVE-2022-0155 | 3 Follow-redirects Project, Redhat, Siemens | 4 Follow-redirects, Acm, Rhev Manager and 1 more | 2024-11-21 | 6.5 Medium |
| follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor | ||||
| CVE-2022-0154 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 High |
| An issue has been discovered in GitLab affecting all versions starting from 7.7 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to a Cross-Site Request Forgery attack that allows a malicious user to have their GitHub project imported on another GitLab user account. | ||||
| CVE-2022-0141 | 1 Vfbpro | 1 Visual Form Builder | 2024-11-21 | 8.1 High |
| The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could allow attackers to make a logged in admin or editor delete and restore arbitrary form entries via CSRF attacks | ||||
| CVE-2022-0134 | 1 Bologer | 1 Anycomment | 2024-11-21 | 8.8 High |
| The AnyComment WordPress plugin before 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing attackers to make logged in admin perform such actions via a CSRF attack | ||||
| CVE-2021-4168 | 1 Showdoc | 1 Showdoc | 2024-11-21 | 8.8 High |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4164 | 1 Janeczku | 1 Calibre-web | 2024-11-21 | 8.8 High |
| calibre-web is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4162 | 1 Archivy Project | 1 Archivy | 2024-11-21 | 4.3 Medium |
| archivy is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4148 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem. | ||||
| CVE-2021-4131 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 8.8 High |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4130 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 8.8 High |
| snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4123 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 6.5 Medium |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4092 | 1 Yetiforce | 1 Yetiforce Customer Relationship Management | 2024-11-21 | 4.3 Medium |
| yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4082 | 1 Pimcore | 1 Pimcore | 2024-11-21 | 4.3 Medium |
| pimcore is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4049 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 6.5 Medium |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4033 | 1 Kimai | 1 Kimai 2 | 2024-11-21 | 6.5 Medium |
| kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4030 | 1 Zyxel | 4 Nbg6816, Nbg6816 Firmware, Nbg6817 and 1 more | 2024-11-21 | 8 High |
| A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts. | ||||
| CVE-2021-4017 | 1 Showdoc | 1 Showdoc | 2024-11-21 | 8.8 High |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4015 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 4.3 Medium |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4005 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 4.3 Medium |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | ||||