12 matches found
CVE-2020-10671
The Canon Oce Colorwave 500 4.0.0.0 printer's web application lacks any form of CSRF protection. This is a system-wide issue. An attacker could perform administrative actions by targeting a logged-in administrative user. NOTE: this is fixed in the latest version...
EUVD-2017-16826
Malware in sbrugna...
EUVD-2020-3115
Malware in sbrugna...
EUVD-2020-23338
Malware in sbrugna...
EUVD-2015-6666
Malware in sbrugna...
EUVD-2022-5083
Malicious code in bioql PyPI...
EUVD-2024-52734
Malicious code in bioql PyPI...
ROS-20250806-13
A Golang programming language vulnerability is related to improper input validation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. A vulnerability in the crypto-elliptic component of the Golang programming language is related to the...
CVE-2025-27792 Opal vulnerable to CSRF protection bypass
Opal is OBiBa’s core database application for biobanks or epidemiological studies. Prior to version 5.1.1, the protections against cross-site request forgery (CSRF) were insufficient application-wide. The referrer header is checked, and if it is invalid, the server returns 403. However, the referre...
CVE-2024-55076
Grocy through 4.3.0 has no CSRF protection, as demonstrated by changing the Administrator's password. Affected product is the Grocy web application up to version 4.3.0. Root cause and impact are stated in the CVE description; the practical consequence is CSRF vulnerability enabling unauthorized p...
CVE-2020-11919
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. There is no CSRF protection...
PT-2022-24573 · WordPress · Disable Json Api
Name of the Vulnerable Software and Affected Versions: Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan WordPress plugin versions prior to 4.20. Description: The issue concerns a lack of proper authorization and CSRF protection in an AJAX action within the...