Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

12 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2017-0228

Malware in sbrugna...

6.8CVSS6.2AI score0.00072EPSS
Exploits0References11
RedhatCVE
RedhatCVEadded 2025/05/22 12:27 a.m.4 views

CVE-2012-6134

Cross-site request forgery CSRF vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state...

6.8CVSS7.4AI score0.00072EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2023/02/15 5:43 a.m.2 views

SUSE CVE-2012-6134

Cross-site request forgery CSRF vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state...

6.8CVSS7.2AI score0.00072EPSS
Exploits0References3
Veracode
Veracodeadded 2018/11/15 7:15 a.m.12 views

Information Disclosure

omniauth-oauth2 is vulnerable to information disclosure. An insecure string comparison is used to verify the anti-CSRF string, allowing for an attacker to enumerate the anti-CSRF string through a timing attack...

6.2AI score
Exploits0
OSV
OSVadded 2017/10/24 6:33 p.m.15 views

GHSA-FGMX-8H93-26FH omniauth-oauth2 Cross-Site Request Forgery vulnerability

Cross-site request forgery CSRF vulnerability in the omniauth-oauth2 gem prior to 1.1.1 for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state...

6.8CVSS6.8AI score0.00072EPSS
Exploits0References8
Github Security Blog
Github Security Blogadded 2017/10/24 6:33 p.m.21 views

omniauth-oauth2 Cross-Site Request Forgery vulnerability

Cross-site request forgery CSRF vulnerability in the omniauth-oauth2 gem prior to 1.1.1 for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state...

6.8CVSS6.2AI score0.00072EPSS
Exploits0References8Affected Software1
NVD
NVDadded 2013/04/09 8:55 p.m.10 views

CVE-2012-6134

Cross-site request forgery CSRF vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state...

6.8CVSS7AI score0.00072EPSS
Exploits0References5
Prion
Prionadded 2013/04/09 8:55 p.m.10 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state...

6.8CVSS7.6AI score0.00072EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2013/04/09 8:0 p.m.70 views

CVE-2012-6134

CVE-2012-6134: CSRF vulnerability in the Ruby gem omniauth-oauth2 (versions 1.1.1 and earlier) allows remote attackers to hijack user authentication for requests that modify session state. Affected component is the omniauth-oauth2 gem for Ruby; root cause is cross-site request forgery. Connected ...

6.8CVSS7.3AI score0.00072EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVEadded 2013/04/09 8:0 p.m.14 views

CVE-2012-6134

Cross-site request forgery CSRF vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state...

6.8CVSS6.8AI score0.00072EPSS
Exploits0
Cvelist
Cvelistadded 2013/04/09 8:0 p.m.13 views

CVE-2012-6134

Cross-site request forgery CSRF vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state...

7AI score0.00072EPSS
Exploits0References5
RubySec
RubySecadded 2012/09/08 12:0 a.m.23 views

Ruby on Rails omniauth-oauth2 Gem CSRF vulnerability

The omniauth-oauth2 Ruby Gem contains a flaw that allows an attacker to inject values into a user's session through a CSRF attack...

6.8CVSS6.8AI score0.00072EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder