Lucene search
+L

164 matches found

CNNVD
CNNVD
added 2021/05/20 12:0 a.m.6 views

pajbot 跨站请求伪造漏洞

pajbot is a software application. A twitch chatbot. A cross-site request forgery vulnerability exists in versions prior to Pajbot 1.52, which stems from a WEB application that does not adequately validate that a request is coming from a trusted user. An attacker could exploit the vulnerability to...

4.3CVSS5.5AI score0.00586EPSS
Exploits1References5
CNNVD
CNNVD
added 2021/02/24 12:0 a.m.7 views

IBM FileNet Content Manager 跨站请求伪造漏洞

IBM FileNet Content Manager is a content management solution for the FileNet P8 platform from IBM USA. The solution combines document management with ready-to-use workflow tools to manage images, video, Web content, compliance documents, and more. IBM FileNet Content Manager suffers from a...

5.7AI score
Exploits0References1
CNNVD
CNNVD
added 2021/02/10 12:0 a.m.7 views

IBM Security Verify Information Queue 跨站请求伪造漏洞

IBM Security Verify Information Queue is a cross-product integrator that leverages Kafka technology and a publish/subscribe model to integrate data between IBM security products. A cross-site request forgery vulnerability exists in IBM Security Verify Information Queue. An attacker could exploit...

8.8CVSS6.1AI score0.00373EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/02/09 12:0 a.m.7 views

Owncloud ownCloud 跨站请求伪造漏洞

Owncloud ownCloud is a set of personal cloud storage solutions from the American company ownCloud Owncloud. A cross-site request forgery vulnerability exists in OwnCloud Core, which stems from a WEB application that does not adequately validate whether a request is coming from a trusted user, and...

4.3CVSS5.7AI score0.00461EPSS
Exploits0References1
OSV
OSV
added 2021/02/04 5:15 p.m.3 views

CVE-2020-4827

IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 189841...

4.3CVSS5.7AI score0.00398EPSS
Exploits0References2
CNVD
CNVD
added 2021/01/05 12:0 a.m.4 views

IBM Cloud Pak System Cross-Site Request Forgery Vulnerability (CNVD-2021-01065)

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. A cross-site request forgery vulnerability exists in IBM Cloud Pak System 2.3. An attacker could exploit this vulnerability to perform malicious and unauthorized actions...

8.8CVSS6.7AI score0.00425EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/04 12:0 a.m.8 views

IBM Cloud Pak System 跨站请求伪造漏洞

IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. A cross-site request forgery vulnerability exists in IBM Cloud Pak System 2.3. An attacker could exploit this vulnerability to perform malicious and unauthorized actions...

8.8CVSS6.1AI score0.00425EPSS
Exploits0References3
CNNVD
CNNVD
added 2020/12/25 12:0 a.m.9 views

Esri Arcgis Server 代码问题漏洞

Esri Arcgis Server is the United States Esri company's a Web-oriented can be used to provide geographic location services, enterprise-class software platform. A security vulnerability exists in Esri ArcGIS Server versions prior to 10.8, which stems from a configuration that does not adequately...

9.8CVSS7.3AI score0.01644EPSS
Exploits0References4
CNVD
CNVD
added 2020/12/21 12:0 a.m.3 views

IBM Planning Analytics Cross-Site Request Forgery Vulnerability (CNVD-2020-74626)

IBM Planning Analytics is a planning, budgeting, forecasting and analytics solution. A cross-site request forgery vulnerability exists in IBM Planning Analytics 2.0. An attacker could exploit this vulnerability to perform malicious and unauthorized actions transmitted from a user trusted by the...

6.5CVSS6.7AI score0.00398EPSS
Exploits0References1
CNVD
CNVD
added 2020/12/03 12:0 a.m.4 views

Red Hat CloudForms Cross-Site Request Forgery Vulnerability

Red Hat CloudForms is a hybrid infrastructure management platform from Red Hat, Inc. The platform provides deployment, management, and other capabilities across virtual machines, clouds, containers, and physical infrastructure. Red Hat CloudForms suffers from a cross-site request forgery...

6.8CVSS6.7AI score0.00335EPSS
Exploits0References1
CNVD
CNVD
added 2020/11/06 12:0 a.m.7 views

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) Cross-Site Request Forgery Vulnerability

Trend Micro InterScan Messaging Security Virtual Appliance IMSVA is an appliance for securing communications from Trend Micro. The Trend Micro InterScan Messaging Security Virtual Appliance IMSVA suffers from a cross-site request forgery vulnerability that arises from a web application that does...

8.8CVSS6.7AI score0.01875EPSS
Exploits2References1
CNVD
CNVD
added 2020/09/23 12:0 a.m.4 views

IBM Data Risk Manager Cross-Site Request Forgery Vulnerability

IBM Data Risk Manager is a data risk manager that helps discover, analyze and visualize business risks associated with data. A cross-site request forgery vulnerability exists in IBM Data Risk Manager 2.0.6. An attacker could exploit this vulnerability to perform malicious and unauthorized actions...

8.1CVSS9.1AI score0.00553EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/25 12:0 a.m.3 views

IBM Security Guardium Insights Cross-Site Request Forgery Vulnerability

IBM Security Guardium Insights is a modern hybrid cloud data security hub designed to provide a reliable view of an organization's data security and compliance posture. A cross-site request forgery vulnerability exists in IBM Security Guardium Insights 2.0.1. An attacker could exploit this...

4.3CVSS6.7AI score0.00403EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/18 12:0 a.m.2 views

McAfee Data Loss Prevention ePO extension Cross-Site Request Forgery Vulnerability

McAfee Data Loss Prevention Endpoint DLPe is an integrated endpoint data protection solution from McAfee, Inc. that prevents theft and accidental disclosure of confidential data and provides security policies for file processing and transmission, shared data flow control and data encryption. The...

7.6CVSS6.7AI score0.00487EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/22 12:0 a.m.9 views

Automattic WooCommerce Cross-Site Request Forgery Vulnerability

Automattic WooCommerce is the United States Automattic company's set of open source e-commerce platform based on WordPress . A cross-site request forgery vulnerability exists in Automattic WooCommerce versions prior to 3.6.5. The vulnerability stems from the WEB application not adequately verifyi...

8.8CVSS6.4AI score0.00534EPSS
Exploits0
OSV
OSV
added 2020/05/19 2:15 p.m.1 views

CVE-2020-4286

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 176268...

6.5CVSS5.7AI score0.00482EPSS
Exploits0References2
CNVD
CNVD
added 2020/04/28 12:0 a.m.4 views

Cross-Site Request Forgery Vulnerability in Multiple NETGEAR Products (CNVD-2020-28139)

The NETGEAR WAC505 and others are a wireless access point AP from NETGEAR. A cross-site request forgery vulnerability exists in multiple NETGEAR products, which stems from a WEB application that does not adequately validate that a request is coming from a trusted user, and can be exploited by an...

7.4CVSS7AI score0.00293EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/24 12:0 a.m.24 views

Cross-site Request Forgery Vulnerability in Multiple NETGEAR Products (CNVD-2021-59156)

NETGEAR JNR1010 and others are a wireless router from NETGEAR USA. A cross-site request forgery vulnerability exists in multiple NETGEAR products. The vulnerability stems from the WEB application not adequately verifying that the request is from a trusted user. An attacker could use the...

8.8CVSS2.9AI score0.0046EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/23 12:0 a.m.17 views

Cross-site Request Forgery Vulnerability in Multiple NETGEAR Products (CNVD-2021-59162)

NETGEAR WAC505 and others are a wireless access point AP from NETGEAR, Inc. A cross-site request forgery vulnerability exists in several NETGEAR products. The vulnerability stems from the WEB application not adequately verifying that the request is from a trusted user. An attacker could use the...

8CVSS2.6AI score0.00459EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/23 12:0 a.m.5 views

Cross-Site Request Forgery Vulnerability in Multiple NETGEAR Products (CNVD-2020-31321)

The NETGEAR R7500, among others, is a wireless router from NETGEAR. A cross-site request forgery vulnerability exists in a number of NETGEAR products. The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a trusted user, and can be exploite...

8.8CVSS6.9AI score0.00539EPSS
Exploits0References1
Rows per page
Query Builder