
386 matches found

Debian
added 2017/07/14 7:34 p.m., 18 views

[SECURITY] [DSA 3910-1] knot security update

Debian Security Advisory DSA-3910-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez July 14, 2017 https://www.debian.org/security/faq -...

CVSS 5.9, AI score 5.6, EPSS 0.01978
Exploits: 1
CNVD
added 2017/06/30 12:0 a.m., 3 views

Belden Hirschmann GECKO Server-Side Request Forgery Vulnerability

The Belden Hirschmann GECKO is a lean managed industrial Ethernet switch. A server-side request forgery vulnerability exists in the Belden Hirschmann GECKO switch. The vulnerability stems from the program failing to adequately validate requests. An attacker could exploit the vulnerability by...

CVSS 6.5, AI score 6.7, EPSS 0.00152
Exploits: 0, References: 1
CNVD
added 2017/02/20 12:0 a.m., 2 views

Google Chrome Omnibox Address Forgery Vulnerability (CNVD-2017-02098)

Google Chrome is a popular web browser. An address forgery vulnerability exists in Google Chrome Omnibox, which allows remote attackers to exploit the vulnerability to build malicious web pages that can be tricked into parsing and can deceive users...

CVSS 6.5, AI score 9, EPSS 0.00556
Exploits: 0, References: 1
CNVD
added 2016/12/07 12:0 a.m., 2 views

Google Chrome Omnibox Address Spoofing Vulnerability (CNVD-2016-12113)

Google Chrome is a web browser developed by Google, Inc. and Omnibox is a real-time search engine. A security vulnerability exists in Omnibox in versions of Google Chrome prior to 55.0.2883.75. An attacker can exploit the vulnerability to forge address information...

CVSS 6.5, AI score 9, EPSS 0.00335
Exploits: 0, References: 1
NVD
added 2016/11/30 11:59 a.m., 21 views

CVE-2016-3004

Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that modify the set of available applications...

CVSS 4.9, AI score 4.8, EPSS 0.00072
Exploits: 0, References: 3
CNVD
added 2016/09/05 12:0 a.m., 1 view

Google Chrome Address Bar Forgery Vulnerability (CNVD-2016-07211)

Google Chrome is a web browser developed by the American company Google. An address bar forgery vulnerability exists in versions of Google Chrome prior to 53.0.2785.89. An attacker can exploit this vulnerability to forge the contents of the address bar...

CVSS 4.3, AI score 8.9, EPSS 0.01462
Exploits: 0, References: 1
CNVD
added 2016/04/20 12:0 a.m., 4 views

EMC ViPR SRM Cross-Site Request Forgery Vulnerability

EMC ViPR SRM is storage resource management software. A cross-site request forgery vulnerability exists in multiple administration pages of EMC ViPR SRM, which could allow an attacker to execute unauthorized requests as an administrator...

CVSS 8.8, AI score 7.1, EPSS 0.03087
Exploits: 5, References: 1
OSV
added 2016/02/16 12:0 a.m., 14 views

DLA-418-1 wordpress - security update

Bulletin has no description...

CVSS 8.6, AI score 7.8, EPSS 0.05172
Exploits: 1
CNVD
added 2016/02/08 12:0 a.m., 1 view

CloudBees Jenkins CI and LTS Request Forgery Vulnerability

CloudBees Jenkins CI is a Java-based set of continuous integration tools, mainly used to monitor continuous software release/testing projects and some scheduled tasks. LTS is the long-term support version of CloudBees Jenkins CI. A reque...

CVSS 8.8, AI score 7.1, EPSS 0.00397
Exploits: 0, References: 1
Tenable Nessus
added 2016/02/05 12:0 a.m., 39 views

FreeBSD : py-rsa -- Bleichenbacher'06 signature forgery vulnerability (e78bfc9d-cb1e-11e5-b251-0050562a4d7b)

Filippo Valsorda reports: python-rsa is vulnerable to a straightforward variant of the Bleichenbacher'06 attack against RSA signature verification with low public exponent. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

CVSS 5.3, AI score 6.2, EPSS 0.03132
Exploits: 1, References: 7
0day.today
added 2015/11/07 12:0 a.m., 25 views

MyWebSQL 3.6 Cross Site Request Forgery Vulnerability

MyWebSQL version 3.6 suffers from a cross site request forgery vulnerability. 1. Introduction Affected Product: MyWebSQL 3.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://mywebsql.net/ Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 09/01/2015 Disclosed t...

AI score 7
Exploits: 0
CNVD
added 2015/09/06 12:0 a.m., 3 views

Google Chrome Omnibox character forgery vulnerability

Google Chrome is a web browser. The UnescapeURLWithAdjustmentsImpl implementation in Google Chrome net/base/escape.cc fails to properly handle unicode LOCK characters in omnibox, allowing remote attackers to construct malicious web pages that trick users into parsing them, which can be used...

CVSS 5, AI score 9, EPSS 0.00871
Exploits: 0, References: 1
htbridge
added 2015/08/12 12:0 a.m., 495 views

Cross-Site Request Forgery in Cerb

High-Tech Bridge Security Research Lab discovered a CSRF vulnerability in the Cerb platform, which can be exploited to perform Cross-Site Request Forgery attacks against administrators of the vulnerable web application to add administrative accounts to the system. The vulnerability exists due to failure of...

CVSS 5.1, AI score 0.6, EPSS 0.05095
Exploits: 5, Affected Software: 1
CNVD
added 2015/06/01 12:0 a.m., 1 view

Multiple Blue Coat Systems SSL Visibility Appliance Products Cross-Site Request Forgery Vulnerabilities

The Blue Coat Systems SSL Visibility Appliance SV800 is a management appliance that provides complete visibility into encrypted traffic from Blue Coat Systems, USA. The appliance provides a dedicated encrypted traffic management platform, easy-to-use policy enforcement points and adaptive securit...

CVSS 4.3, AI score 6.9, EPSS 0.00353
Exploits: 0, References: 1
Packet Storm
added 2014/11/19 12:0 a.m., 30 views

Snowfox CMS 1.0 Cross Site Request Forgery

input type="hidden" name="userGroups...

AI score 0.4
Exploits: 0
Debian
added 2014/09/26 7:31 p.m., 34 views

[SECURITY] [DSA 3037-1] icedove security update

Debian Security Advisory DSA-3037-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez September 26, 2014 http://www.debian.org/security/faq -...

CVSS 7.5, AI score 6, EPSS 0.336
Exploits: 0
Exploit DB
added 2014/01/07 12:0 a.m., 27 views

Command School Student Management System - '/sw/backup/backup_ray2.php' Database Backup Direct Request Information Disclosure

source: https://www.securityfocus.com/bid/64707/info Command School Student Management System is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. A cross-site request forgery vulnerability 3. A cross-site scripting vulnerability 4. An HTML injection...

AI score 7.4
Exploits: 0
exploitpack
added 2014/01/07 12:0 a.m., 32 views

Dredge School Administration System - DSMloader.php Cross-Site Request Forgery (Admin Account Manipulation)

source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site...

AI score 0.3
Exploits: 0
exploitpack
added 2014/01/07 12:0 a.m., 18 views

Dredge School Administration System - DSMloader.php Account Information Disclosure

source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site request forgery...

AI score 7.2
Exploits: 0
Exploit DB
added 2014/01/07 12:0 a.m., 20 views

Dredge School Administration System - '/DSM/loader.php' Account Information Disclosure

source: https://www.securityfocus.com/bid/64720/info Dredge School Administration System is prone to the following security vulnerabilities: 1. An SQL-injection vulnerability 2. A cross-site request forgery vulnerability 3. A cross-site scripting vulnerability 4. An information-disclosure...

AI score 7.4
Exploits: 0