13 matches found
be.ugent.idlab.knows:dataio (>=1.2.0 <=1.3.1), cn.org.expect:modest-build (=1.0.4) +221 more potentially affected by CVE-2026-41245 via com.github.junrar:junrar (>=7.4.0 <=7.5.1)
com.github.junrar:junrar MAVEN version =7.4.0, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.7.0, =2.7.2, =2.1, =3.5.3, =3.5.11 and more Source cves: CVE-2026-41245 Source advisory: SNYK:JAVA-COMGITHUBJUNRAR-16115493...
CVE-2021-41245
Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, CSRF tokens generated by privUITransactionFile aren't properly checked. Versions 2.7.6 and 3.0.0 contain a patch for this issue. As a workaround, use the session implementation by adding in the iTop conf...
EUVD-2025-41245
Malicious code in dewi-pecel55-sluey npm...
CVE-2025-41245
creationtimestamp| type| source ---|---|--- 2025-09-30 23:35:51+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3m23ov7qisc2b 2025-10-01 04:53:38+00:00| seen| https://bsky.app/profile/samilaiho.com/post/3m24aneihpk2f 2025-10-30 18:05:03+00:00| seen|...
CVE-2025-41245
VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with non-administrative privileges in Aria Operations may exploit this vulnerability to disclose credentials of other users of Aria Operations...
CVE-2024-41245
An Incorrect Access Control vulnerability was found in /smsa/viewteachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details...
CVE-2024-41245
creationtimestamp| type| source ---|---|--- 2024-08-07 20:19:51+00:00| seen| https://t.me/cvedetector/2723...
CVE-2022-41245
creationtimestamp| type| source ---|---|--- 2022-09-21 20:41:21+00:00| seen| https://t.me/cibsecurity/50210 2025-10-06 07:38:48+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m2j46vhouyz2...
CVE-2022-41245
A cross-site request forgery CSRF vulnerability in Jenkins Worksoft Execution Manager Plugin 10.0.3.503 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2022-41245
A cross-site request forgery CSRF vulnerability in Jenkins Worksoft Execution Manager Plugin 10.0.3.503 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2022-41245
CVE-2022-41245 concerns the Jenkins Worksoft Execution Manager Plugin (versions 10.0.3.503 and earlier). The issue is a CSRF vulnerability that allows an attacker with Overall/Read permission to cause Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtaine...
CVE-2021-41245
creationtimestamp| type| source ---|---|--- 2022-04-05 18:27:57+00:00| seen| https://t.me/cibsecurity/40166...
CVE-2021-41245 Possible Cross-Site Request Forgery in Combodo iTop
Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, CSRF tokens generated by privUITransactionFile aren't properly checked. Versions 2.7.6 and 3.0.0 contain a patch for this issue. As a workaround, use the session implementation by adding in the iTop conf...