CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-0750

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00134EPSS

Exploits0References6

RedhatCVE•added 2025/05/23 3:23 a.m.•5 views

CVE-2023-25015

Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF...

6.5CVSS6.8AI score0.00134EPSS

Exploits0References1

Snyk•added 2023/02/02 11:56 a.m.•1 views

Cross-site Request Forgery (CSRF)

Overview clockworkweb is a web interface for Clockwork Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the homecontroller.rb class. Remediation Upgrade clockworkweb to version 0.1.2 or higher. References - GitHub Commit - GitHub Issue...

6.5CVSS7AI score0.00134EPSS

Exploits0References2

OSV•added 2023/02/02 6:30 a.m.•16 views

GHSA-P4XX-W6FR-C4W9 Clockwork Web contains a Cross-Site Request Forgery Vulnerability with Rails < 5.2

Clockwork Web before 0.1.2, when used with Rails before 5.2 is used, allows Cross-Site Request Forgery CSRF. A CSRF attack works by getting an authorized user to visit a malicious website and then performing requests on behalf of the user. In this instance, actions include enabling and disabling...

6.5CVSS6.3AI score0.00134EPSS

Exploits0References6

Github Security Blog•added 2023/02/02 6:30 a.m.•19 views

Clockwork Web contains a Cross-Site Request Forgery Vulnerability with Rails < 5.2

6.5CVSS6.3AI score0.00134EPSS

Exploits0References6Affected Software1

NVD•added 2023/02/02 4:15 a.m.•8 views

CVE-2023-25015

Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF...

6.5CVSS6.5AI score0.00134EPSS

Exploits0References3

OSV•added 2023/02/02 4:15 a.m.•7 views

CVE-2023-25015

Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF...

6.5CVSS6.5AI score

Exploits0References3

Prion•added 2023/02/02 4:15 a.m.•13 views

Cross site request forgery (csrf)

Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF...

4.3CVSS6.5AI score0.00134EPSS

Exploits0References3Affected Software1

CNNVD•added 2023/02/02 12:0 a.m.•1 views

Clockwork Web 跨站请求伪造漏洞

Clockwork Web is the web interface for Clockwork. A security vulnerability exists in Clockwork Web versions prior to 0.1.2, which stems from a cross-site request forgery when using Rails versions prior to 5.2...

6.5CVSS6.2AI score0.00134EPSS

Exploits0References4

CVE•added 2023/02/02 12:0 a.m.•115 views

CVE-2023-25015

CVE-2023-25015 concerns Clockwork Web prior to 0.1.2 when used with Rails

6.5CVSS6.4AI score0.00134EPSS

Exploits0References3Affected Software1

Cvelist•added 2023/02/02 12:0 a.m.•11 views

CVE-2023-25015

Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF...

6.7AI score0.00134EPSS

Exploits0References3

Vulnrichment•added 2023/02/02 12:0 a.m.•4 views

CVE-2023-25015

Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF...

7.2AI score0.00134EPSS

Exploits0References3

RubySec•added 2023/02/01 12:0 a.m.•17 views

CSRF Vulnerability with Rails < 5.2

Clockwork Web is vulnerable to cross-site request forgery CSRF with Rails 5.2. A CSRF attack works by getting an authorized user to visit a malicious website and then performing requests on behalf of the user. In this instance, actions include enabling and disabling jobs...

6.5CVSS2.4AI score0.00134EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by