17 matches found

RedhatCVE
added 2026/03/05 7:31 p.m. | 3 views

CVE-2026-20069

A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This...

CVSS 4.3 | AI score 5.8 | EPSS 0.00012
Exploits: 0 | References: 1

CNNVD
added 2025/12/30 12:0 a.m. | 1 view

WordPress plugin Import into Easy Property Listings cross-site request forgery vulnerability

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is ...

CVSS 4.3 | AI score 5.7 | EPSS 0.00014
Exploits: 0 | References: 1

CNNVD
added 2025/12/24 12:0 a.m. | 1 view

Beward N100 security vulnerability

Beward N100 is an IP camera from the Russian company Beward. A security vulnerability exists in Beward N100 version M2.1.6, which stems from a lack of proper request validation and could lead to a cross-site request forgery attack...

CVSS 5.3 | AI score 6.6 | EPSS 0.00018
Exploits: 1 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-7453

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.6 | EPSS 0.00295
Exploits: 0 | References: 2

RedhatCVE
added 2025/05/23 7:8 a.m. | 3 views

CVE-2024-56924

A Cross Site Request Forgery (CSRF) vulnerability in Code Astro Internet banking system 2.0.0 allows remote attackers to execute arbitrary JavaScript on the admin page pagesaccount, potentially leading to unauthorized actions such as changing account settings or stealing sensitive user information...

CVSS 7.3 | AI score 7.8 | EPSS 0.00105
Exploits: 2 | References: 1

RedhatCVE
added 2025/05/22 9:21 p.m. | 9 views

CVE-2021-41554

ARCHIBUS Web Central 21.3.3.815 (a version from 2014) does not properly validate requests for access to data and functionality in these affected endpoints: /archibus/schema/ab-edit-users.axvw, /archibus/schema/ab-data-dictionary-table.axvw, /archibus/schema/ab-schema-add-field.axvw,...

CVSS 8.8 | AI score 6.6 | EPSS 0.00392
Exploits: 0

Veracode
added 2025/03/12 10:34 a.m. | 12 views

Cross-Site Request Forgery (CSRF)

org.jenkins-ci.main, jenkins-core is vulnerable to Cross-site request forgery (CSRF). The vulnerability is due to improper request validation, which allows unauthorized state changes in Jenkins' UI when a user unknowingly triggers a malicious request...

CVSS 5.4 | AI score 6.6 | EPSS 0.00217
Exploits: 0 | References: 4 | Affected Software: 1

Prion
added 2023/05/18 3:15 a.m. | 17 views

Input validation

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...

CVSS 7.5 | AI score 9.7 | EPSS 0.04894
Exploits: 0 | References: 1

Prion
added 2023/05/18 3:15 a.m. | 17 views

Input validation

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...

CVSS 7.5 | AI score 9.7 | EPSS 0.02264
Exploits: 0 | References: 1

Cvelist
added 2023/05/18 12:0 a.m. | 24 views

CVE-2023-20159 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities

Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...

CVSS 8.6 | AI score 9.9 | EPSS 0.04894
Exploits: 0 | References: 1

SonicWall
added 2020/07/16 9:26 a.m. | 7 views

SonicOS SSLVPN External Service Interaction (DNS) Vulnerability

SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impacts SonicOS version 6.5.4.4-44n and earlier. CVE: CVE-2020-5130 Last updated: July 16, 2020, 9:26 a.m...

CVSS 5.8 | AI score 7 | EPSS 0.00553
Exploits: 0

CNVD
added 2017/05/24 12:0 a.m. | 2 views

Cross-Site Request Forgery Vulnerability in Multiple IBM Products (CNVD-2017-10743)

IBM Global Retention Policy and Schedule Management is a single retention management system. An unspecified cross-site request forgery vulnerability exists in multiple IBM products, which stems from a program's failure to properly validate HTTP requests. A remote attacker could exploit the...

CVSS 8.8 | AI score 7 | EPSS 0.00151
Exploits: 0 | References: 1

CNVD
added 2016/07/12 12:0 a.m. | 2 views

Pivotal Software Spring Social Core Cross-Site Request Forgery Vulnerability

Pivotal Software Spring Social Core is a set of APIs for connecting social services from Pivotal Software, USA. A cross-site request forgery vulnerability exists in Pivotal Software Spring Social Core versions 1.0.0 to 1.0.3 and 1.1.0 to 1.1.2, which stems from the program failing to properly...

CVSS 8.8 | AI score 6.9 | EPSS 0.00167
Exploits: 0 | References: 1

CNVD
added 2015/06/03 12:0 a.m. | 2 views

Vesta Control Panel Cross-Site Request Forgery Vulnerability

Vesta Control Panel is an open source web hosting control panel. A cross-site request forgery vulnerability exists in Vesta Control Panel because the program fails to properly validate HTTP requests. An attacker could use this vulnerability to perform unauthorized actions on a user's logged in...

AI score 6.8
Exploits: 0 | References: 1

Prion
added 2013/04/24 10:28 a.m. | 17 views

Cross site request forgery (csrf)

Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container...

CVSS 6.8 | AI score 7.8 | EPSS 0.00264
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2013/04/24 10:0 a.m. | 20 views

CVE-2013-1088

Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container...

AI score 7.2 | EPSS 0.00264
Exploits: 0 | References: 2

Tenable Nessus
added 2004/09/29 12:0 a.m. | 20 views

Debian DSA-224-1 : canna - buffer overflow and more

Several vulnerabilities have been discovered in canna, a Japanese input system. The Common Vulnerabilities and Exposures (CVE) project identified the following vulnerabilities : - CAN-2002-1158 BugTraq Id 6351: 'hsj' of Shadow Penguin Security discovered a heap overflow vulnerability in the...

CVSS 7.2 | AI score 5.5 | EPSS 0.01271
Exploits: 0 | References: 3