Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2025-14655

Malicious code in bioql PyPI...

6.1CVSS9.1AI score0.00203EPSS
Exploits2References6
RedhatCVE
RedhatCVE
added 2025/05/15 4:34 p.m.20 views

CVE-2025-46721

nosurf is cross-site request forgery CSRF protection middleware for Go. A vulnerability in versions prior to 1.2.0 allows an attacker who controls content on the target site, or on a subdomain of the target site either via XSS, or otherwise to bypass CSRF checks and issue requests on user's behal...

6.1CVSS6.7AI score0.00203EPSS
Exploits2References1
Github Security Blog
Github Security Blog
added 2025/05/14 2:56 p.m.24 views

nosurf vulnerable to CSRF due to non-functional same-origin request checks

Impact This vulnerability allows an attacker who controls content on the target site, or on a subdomain of the target site either via XSS, or otherwise to bypass Cross-Site Request Forgery checks and issue requests on user's behalf. Details Due to misuse of the Go net/http library, nosurf...

6.1CVSS6.7AI score0.00203EPSS
Exploits2References7Affected Software1
OSV
OSV
added 2025/05/14 2:56 p.m.6 views

GHSA-W9HF-35Q4-VCJW nosurf vulnerable to CSRF due to non-functional same-origin request checks

Impact This vulnerability allows an attacker who controls content on the target site, or on a subdomain of the target site either via XSS, or otherwise to bypass Cross-Site Request Forgery checks and issue requests on user's behalf. Details Due to misuse of the Go net/http library, nosurf...

6CVSS6AI score0.00203EPSS
Exploits2References7
Cvelist
Cvelist
added 2025/05/13 3:29 p.m.20 views

CVE-2025-46721 nosurf vulnerable to CSRF due to non-functional same-origin request checks

nosurf is cross-site request forgery CSRF protection middleware for Go. A vulnerability in versions prior to 1.2.0 allows an attacker who controls content on the target site, or on a subdomain of the target site either via XSS, or otherwise to bypass CSRF checks and issue requests on user's behal...

6CVSS0.00203EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2025/04/14 12:0 a.m.5 views

PT-2025-20924 · Nosurf · Nosurf

Name of the Vulnerable Software and Affected Versions: nosurf versions prior to 1.2.0 Description: A vulnerability in nosurf allows an attacker who controls content on the target site, or on a subdomain of the target site, to bypass CSRF checks and issue requests on a user's behalf. This is due t...

9.8CVSS5.9AI score0.00825EPSS
Exploits4References32
Rows per page
Query Builder