Export limit exceeded: 10195 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10195 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24437 | 1 Jenkins | 1 Jira Pipeline Steps | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2023-24434 | 1 Jenkins | 1 Github Pull Request Builder | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2025-27664 | 1 Printerlogic | 2 Vasion Print, Virtual Appliance | 2025-04-01 | 8.8 High |
| Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient CSRF Protection OVE-20230524-0008. | ||||
| CVE-2024-30946 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 5.5 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/co_do.php. | ||||
| CVE-2024-30965 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 8.8 High |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php. | ||||
| CVE-2024-29684 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 9.8 Critical |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /src/dede/makehtml_homepage.php allowing a remote attacker to execute arbitrary code. | ||||
| CVE-2024-4767 | 3 Debian, Mozilla, Redhat | 8 Debian Linux, Firefox, Thunderbird and 5 more | 2025-04-01 | 4.3 Medium |
| If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. | ||||
| CVE-2024-4769 | 3 Debian, Mozilla, Redhat | 8 Debian Linux, Firefox, Thunderbird and 5 more | 2025-04-01 | 5.9 Medium |
| When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. | ||||
| CVE-2024-1231 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | 6.8 Medium |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack | ||||
| CVE-2024-1232 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | 4.8 Medium |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete downloads via a CSRF attack | ||||
| CVE-2024-1962 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | 8.8 High |
| The CM Download Manager WordPress plugin before 2.9.1 does not have CSRF checks in some places, which could allow attackers to make logged in admins edit downloads via a CSRF attack | ||||
| CVE-2024-28678 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 6.3 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_description_main.php | ||||
| CVE-2024-28681 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 6.1 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/plus_edit.php. | ||||
| CVE-2024-28682 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 6.3 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/sys_cache_up.php. | ||||
| CVE-2024-28430 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 6.1 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_edit.php. | ||||
| CVE-2024-28431 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 8.8 High |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_del.php. | ||||
| CVE-2024-28432 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 8.8 High |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_edit.php. | ||||
| CVE-2024-28665 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 8.8 High |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_add.php | ||||
| CVE-2024-28666 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 5.5 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.php | ||||
| CVE-2024-28667 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 6.1 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/templets_one_edit.php | ||||