CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-0216

Malware in sbrugna...

6.8CVSS6.3AI score0.00481EPSS

Exploits1References10

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-2099

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00352EPSS

Exploits0References7

RedhatCVE•added 2025/05/22 6:20 a.m.•4 views

CVE-2013-4593

RubyGem omniauth-facebook has an access token security vulnerability...

7.5CVSS7AI score0.00352EPSS

Exploits0References1

SUSE CVE•added 2023/02/15 5:35 a.m.•1 views

SUSE CVE-2013-4562

The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery CSRF attacks via the state parameter...

6.8CVSS6.8AI score0.00481EPSS

Exploits1References3

Github Security Blog•added 2022/05/05 12:29 a.m.•16 views

omniauth-facebook Improper Authentication vulnerability

RubyGem omniauth-facebook has an access token security vulnerability...

7.5CVSS3.5AI score0.00352EPSS

Exploits0References6Affected Software1

NVD•added 2019/12/11 2:15 p.m.•8 views

CVE-2013-4593

RubyGem omniauth-facebook has an access token security vulnerability...

7.5CVSS7.6AI score0.00352EPSS

Exploits0References4

Prion•added 2019/12/11 2:15 p.m.•6 views

Security feature bypass

RubyGem omniauth-facebook has an access token security vulnerability...

5CVSS7.1AI score0.00352EPSS

Exploits0References4Affected Software1

Cvelist•added 2019/12/11 1:45 p.m.•10 views

CVE-2013-4593

RubyGem omniauth-facebook has an access token security vulnerability...

7.6AI score0.00352EPSS

Exploits0References4

Debian CVE•added 2019/12/11 1:45 p.m.•15 views

CVE-2013-4593

RubyGem omniauth-facebook has an access token security vulnerability...

7.5CVSS2.7AI score0.00352EPSS

Exploits0

OSV•added 2017/10/24 6:33 p.m.•16 views

GHSA-CF36-985G-V73C omniauth-facebook Cross-Site Request Forgery vulnerability

The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery CSRF attacks via the state parameter...

6.8CVSS6.5AI score0.00481EPSS

Exploits1References6

Github Security Blog•added 2017/10/24 6:33 p.m.•29 views

omniauth-facebook Cross-Site Request Forgery vulnerability

The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery CSRF attacks via the state parameter...

6.8CVSS6.4AI score0.00481EPSS

Exploits1References6Affected Software1

NVD•added 2014/05/13 3:55 p.m.•13 views

CVE-2013-4562

The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery CSRF attacks via the state parameter...

6.8CVSS6.7AI score0.00481EPSS

Exploits1References6

Prion•added 2014/05/13 3:55 p.m.•10 views

Cross site request forgery (csrf)

The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery CSRF attacks via the state parameter...

6.8CVSS7.3AI score0.00481EPSS

Exploits1References6Affected Software1

Cvelist•added 2014/05/13 3:0 p.m.•19 views

CVE-2013-4562

The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery CSRF attacks via the state parameter...

6.7AI score0.00481EPSS

Exploits1References6

Debian CVE•added 2014/05/13 3:0 p.m.•17 views

CVE-2013-4562

The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery CSRF attacks via the state parameter...

6.8CVSS6.4AI score0.00481EPSS

Exploits1

RubySec•added 2013/11/12 12:0 a.m.•14 views

omniauth-facebook Gem for Ruby Unspecified CSRF

omniauth-facebook Gem for Ruby contains a flaw as HTTP requests do not require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. By tricking a user into following a specially crafted link, a context-dependent attacker can perform a Cross-Site...

6.8CVSS7AI score0.00481EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by