CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

544 matches found

Veracode•added 2022/09/23 4:56 a.m.•22 views

Cross-Site Request Forgery (CSRF)

rdiffweb is vulnerable to cross-site request forgery. The vulnerability exists because the renderprefspanel function in prefnotification.py does not properly handle the passwordform and profileform attributes, allowing an attacker to change the email ID of the user by redirecting to the malicious...

3.5CVSS4.9AI score0.00364EPSS

Exploits1References4Affected Software1

OSV•added 2022/09/23 12:0 a.m.•22 views

GHSA-GMJ8-84R4-H46J rdiffweb Cross-Site Request Forgery vulnerability can lead to user email ID being changed

rdiffwen prior to version 2.4.7 is vulnerable to Cross-Site Request Forgery CSRF. An attacker can change a user's email ID. Version 2.4.7 has a fix for this issue...

7.1CVSS4AI score0.00364EPSS

Exploits1References5

Github Security Blog•added 2022/09/23 12:0 a.m.•53 views

rdiffweb Cross-Site Request Forgery vulnerability can lead to user email ID being changed

rdiffwen prior to version 2.4.7 is vulnerable to Cross-Site Request Forgery CSRF. An attacker can change a user's email ID. Version 2.4.7 has a fix for this issue...

7CVSS5.1AI score0.00364EPSS

Exploits1References5Affected Software1

OSV•added 2022/09/23 12:0 a.m.•13 views

GHSA-74J6-3HH4-W3F5 rdiffweb Cross-Site Request Forgery vulnerability

rdiffweb prior to 2.4.6 is vulnerable to cross-site request forgery on the repository settings. A malicious user can change the settings of a repository by sending a URL to the victim. This issue is fixed in version 2.4.6...

5.3CVSS4.2AI score0.0031EPSS

Exploits1References5

Github Security Blog•added 2022/09/23 12:0 a.m.•29 views

rdiffweb Cross-Site Request Forgery vulnerability

rdiffweb prior to 2.4.6 is vulnerable to cross-site request forgery on the repository settings. A malicious user can change the settings of a repository by sending a URL to the victim. This issue is fixed in version 2.4.6...

6.8CVSS4.8AI score0.0031EPSS

Exploits1References5Affected Software1

CNNVD•added 2022/09/23 12:0 a.m.•3 views

Rdiffweb 授权问题漏洞

Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. Provides quick access to your archives through an efficient web interface. An authorization issue vulnerability exists in Rdiffweb versions prior to 2.4.7, which can be exploited by an attacker to steal cookies...

9.8CVSS6.7AI score0.00706EPSS

Exploits1References3

NVD•added 2022/09/22 7:15 p.m.•28 views

CVE-2022-3274

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.7...

7CVSS0.00364EPSS

Exploits1References2

Prion•added 2022/09/22 7:15 p.m.•18 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.7...

3.5CVSS4.3AI score0.00364EPSS

Exploits1References2Affected Software1

PyPA•added 2022/09/22 7:15 p.m.•7 views

PYSEC-2022-289

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.7...

7CVSS6.7AI score0.00364EPSS

Exploits1References3Affected Software1

Cvelist•added 2022/09/22 6:15 p.m.•33 views

CVE-2022-3274 Cross-Site Request Forgery (CSRF) on user's settings in GitHub repository ikus060/rdiffweb prior to 2.4.6. in ikus060/rdiffweb

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.7...

7CVSS4.8AI score0.00364EPSS

Exploits1References2

Vulnrichment•added 2022/09/22 6:15 p.m.•4 views

CVE-2022-3274 Cross-Site Request Forgery (CSRF) on user's settings in GitHub repository ikus060/rdiffweb prior to 2.4.6. in ikus060/rdiffweb

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.7...

7CVSS4.4AI score0.00364EPSS

Exploits1References2

OSV•added 2022/09/22 6:15 p.m.•19 views

CVE-2022-3274 Cross-Site Request Forgery (CSRF) on user's settings in GitHub repository ikus060/rdiffweb prior to 2.4.6. in ikus060/rdiffweb

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.7...

7CVSS5.9AI score0.00364EPSS

Exploits1References4

CVE•added 2022/09/22 6:15 p.m.•89 views

CVE-2022-3274

CVE-2022-3274 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the rdiffweb project (GitHub: ikus060/rdiffweb) prior to version 2.4.7. Multiple connected sources describe CSRF exposure that can allow an attacker to change a user's email address/settings. The confirmed remediation is...

7CVSS4.3AI score0.00364EPSS

Exploits1References2Affected Software1

NVD•added 2022/09/22 10:15 a.m.•28 views

CVE-2022-3267

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.6...

6.8CVSS0.0031EPSS

Exploits1References2

PyPA•added 2022/09/22 10:15 a.m.•7 views

PYSEC-2022-284

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.6...

6.8CVSS6.7AI score0.0031EPSS

Exploits1References3Affected Software1

Prion•added 2022/09/22 10:15 a.m.•12 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.6...

4.3CVSS4.6AI score0.0031EPSS

Exploits1References2Affected Software1

OSV•added 2022/09/22 10:15 a.m.•30 views

PYSEC-2022-284

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.6...

6.8CVSS2.8AI score0.0031EPSS

Exploits1References3

Vulnrichment•added 2022/09/22 9:20 a.m.•11 views

CVE-2022-3267 Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.6...

6.8CVSS4.6AI score0.0031EPSS

Exploits1References2

Cvelist•added 2022/09/22 9:20 a.m.•27 views

CVE-2022-3267 Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb

Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.6...

6.8CVSS5AI score0.0031EPSS

Exploits1References2

CVE•added 2022/09/22 9:20 a.m.•67 views

CVE-2022-3267

CVE-2022-3267 affects the rdiffweb project (ikus060/rdiffweb), with a Cross-Site Request Forgery (CSRF) in repository settings prior to version 2.4.6. The vulnerability could allow an attacker to modify repository settings when a victim is authenticated, as indicated by multiple sources in the co...

6.8CVSS4.8AI score0.0031EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by