CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

122 matches found

CNVD•added 2016/08/14 12:0 a.m.•3 views

IBM Forms Experience Builder Cross-Site Request Forgery Vulnerability

IBM Forms Experience Builder is a suite of applications for creating Web forms for Web sites. A cross-site request forgery vulnerability exists in IBM Forms Experience Builder that allows a remote attacker to construct a malicious URI, trick a user into parsing it, and perform malicious actions i...

8CVSS6.8AI score0.00478EPSS

Exploits0References1

CNVD•added 2016/08/07 12:0 a.m.•2 views

Grails console cross-site request forgery vulnerability

Grails is a set of Groovy-based programming language and for rapid development of Web applications and open source framework. console is one of the Web-based Groovy interactive application management and debugging console plug-ins. A cross-site request forgery vulnerability exists in Grails...

8.8CVSS6.9AI score0.00817EPSS

Exploits1References1

Check Point Advisories•added 2016/07/17 12:0 a.m.•4 views

Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4230)

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

10CVSS3.7AI score0.32226EPSS

CNVD•added 2016/06/19 12:0 a.m.•3 views

I-O DATA DEVICE ETX-R Cross-Site Request Forgery Vulnerability

The I-O DATA DEVICE ETX-R is a router product from I-O DATA DEVICE Japan. The I-O DATA DEVICE ETX-R suffers from a cross-site request forgery vulnerability that allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform malicious actions in the context of...

8.8CVSS6.9AI score0.00629EPSS

Exploits0References1

CNVD•added 2016/05/07 12:0 a.m.•3 views

ImageMagick Studio ImageMagick Server-Side Request Forgery Vulnerability

ImageMagick Studio ImageMagick is the United States a set of open source image processing software. A server-side request forgery vulnerability exists in the HTTP and FTP encoders of ImageMagick Studio ImageMagick, which allows remote attackers to construct malicious URIs, trick users into parsin...

5.5CVSS9AI score0.76897EPSS

Exploits4References1

Check Point Advisories•added 2016/04/12 12:0 a.m.•1 views

Adobe Flash Player Use After Free Code Execution (APSB16-10: CVE-2016-1017)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

9.3CVSS3.5AI score0.06102EPSS

CNVD•added 2016/02/08 12:0 a.m.•2 views

McAfee Vulnerability Manager Enterprise Manager Component Cross-Site Request Forgery Vulnerability

McAfee Vulnerability Manager is a security risk management solution from McAfee USA. A cross-site request forgery vulnerability exists in the Organizations and Remediation administration page in the Enterprise Manager component of McAfee Vulnerability Manager, which allows remote attackers to...

8.8CVSS6.9AI score0.0055EPSS

Exploits0References1

CNVD•added 2016/01/11 12:0 a.m.•1 views

IBM Connections Cross-Site Request Forgery Vulnerability

IBM Connections is a suite of social software platforms. The platform provides advanced analytics and real-time data monitoring capabilities and accelerates web collaboration within and outside the organization through IBM SmartCloud services. IBM Connections suffers from a cross-site request...

6.8CVSS6.8AI score0.00406EPSS

Exploits0References1

CNVD•added 2015/12/20 12:0 a.m.•2 views

HP StoreOnce Backup System Cross-Site Request Forgery Vulnerability

HP StoreOnce Backup System is a disk-based backup system. A cross-site request forgery vulnerability exists in HP StoreOnce Backup System, which allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform malicious actions in the context of the target user...

8.8CVSS6.9AI score0.01338EPSS

Exploits0References1

CNVD•added 2015/09/27 12:0 a.m.•2 views

Aruba Networks Mobility Controller Cross-Site Request Forgery Vulnerability

Aruba Networks Mobility Controller is a suite of solutions that provide mobile access for the enterprise. A cross-site request forgery vulnerability exists in Aruba Networks Mobility Controller, which allows remote attackers to construct malicious URIs, trick users into parsing them, and can...

Exploits0References1

CNVD•added 2015/09/20 12:0 a.m.•1 views

Securifi Almond Cross-Site Request Forgery Vulnerability

Securifi Almond is a wireless router product from Securifi. Securifi Almond uses a default password and suffers from a cross-site request forgery vulnerability that allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform malicious actions in the context...

7.3CVSS7.1AI score0.00862EPSS

Exploits0References1

CNVD•added 2015/07/20 12:0 a.m.•2 views

EMC Documentum CenterStage Cross-Site Scripting Vulnerability

EMC Documentum CenterStage is a document management service. A cross-site scripting vulnerability in EMC Documentum CenterStage allows remote attackers to construct malicious URIs, trick users into parsing them, and perform malicious actions in the context of the target user...

3.5CVSS6.3AI score0.01412EPSS

Exploits0References1

CNVD•added 2015/07/20 12:0 a.m.•2 views

Cisco Unified Intelligence Center Cross-Site Request Forgery Vulnerability (CNVD-2015-04963)

Cisco Unified Intelligence Center is a unified intelligence management center. A cross-site request forgery vulnerability exists in the Cisco Unified Intelligence Center WEB interface, which allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform...

6.8CVSS6.9AI score0.00824EPSS

Exploits0References1

CNVD•added 2015/07/16 12:0 a.m.•3 views

Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability

Cisco Identity Services Engine A centralized policy engine for Cisco TrustSec solutions. A cross-site request forgery vulnerability exists in the Cisco Identity Services Engine, which allows remote attackers to construct malicious URIs, trick users into resolving them, and perform malicious actio...

6.8CVSS6.9AI score0.00996EPSS

Exploits0References1

CNVD•added 2015/07/12 12:0 a.m.•1 views

Cisco TelePresence IP Gateway Device Cross-Site Request Forgery Vulnerability

The Cisco TelePresence IP Gateway is a telepresence IP gateway device. A cross-site request forgery vulnerability exists in the Cisco TelePresence IP Gateway appliance that allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform malicious actions in the...

6.8CVSS6.9AI score0.00996EPSS

Exploits0References1

CNVD•added 2015/06/10 12:0 a.m.•3 views

Wing FTP Server Cross-Site Request Forgery Vulnerability

Wing FTP Server is a professional cross-platform FTP server side with decent speed, reliability and a user-friendly configuration interface. A cross-site request forgery vulnerability exists in Wing FTP Server. It allows remote attackers to construct malicious URIs, trick users into parsing them,...

6.8CVSS6.9AI score0.0237EPSS

Exploits2References1

CNVD•added 2015/06/10 12:0 a.m.•1 views

Adobe Flash Player Cross-Site Request Forgery Vulnerability

Adobe Flash Player is a Flash file handling program. Adobe Flash Player suffers from a cross-site request forgery vulnerability that allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform malicious actions in the context of the target user, due to an...

6.8CVSS6.9AI score0.03507EPSS

Exploits0References1

CNVD•added 2015/06/07 12:0 a.m.•2 views

XZERES 442SR OS Cross-Site Request Forgery Vulnerability (CNVD-2015-03663)

The XZERES 442SR OS is a 442SR model turbine generator. The XZERES 442SR OS suffers from a cross-site request forgery vulnerability that allows a remote attacker to construct a malicious URI, trick a user into resolving it, and can perform malicious actions in the context of the target user...

6.8CVSS6.9AI score0.00636EPSS

Exploits0References1

CNVD•added 2015/05/20 12:0 a.m.•3 views

Cisco Unified Customer Voice Portal Cross-Site Request Forgery Vulnerability

Cisco Unified Customer Voice Portal CVP provides voice and video self-service. A cross-site request forgery vulnerability exists in Cisco Unified Customer Voice Portal, where the program fails to properly validate user input, allowing a remote attacker to construct a malicious URI, trick the user...

6.8CVSS6.9AI score0.00722EPSS

Exploits0References1

CNVD•added 2015/05/20 12:0 a.m.•1 views

WSO2 Identity Server /carbon/user/add-finish.jsp User Cross-Site Request Forgery Vulnerability

WSO2 Identity Server is an open source identity services , support for Information Cards, OpenID and XACML. WSO2 Identity Server /carbon/user/add-finish.jsp has a cross-site request forgery vulnerability that allows remote attackers to construct malicious URIs, entice users to parse them, and...

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by