Search
Search Results (9968 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-4168 | 1 Showdoc | 1 Showdoc | 2024-11-21 | 8.8 High |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4164 | 1 Janeczku | 1 Calibre-web | 2024-11-21 | 8.8 High |
| calibre-web is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4162 | 1 Archivy Project | 1 Archivy | 2024-11-21 | 4.3 Medium |
| archivy is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4148 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem. | ||||
| CVE-2021-4131 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 8.8 High |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4130 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 8.8 High |
| snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4123 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 6.5 Medium |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4092 | 1 Yetiforce | 1 Yetiforce Customer Relationship Management | 2024-11-21 | 4.3 Medium |
| yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4082 | 1 Pimcore | 1 Pimcore | 2024-11-21 | 4.3 Medium |
| pimcore is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4049 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 6.5 Medium |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4033 | 1 Kimai | 1 Kimai 2 | 2024-11-21 | 6.5 Medium |
| kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4030 | 1 Zyxel | 4 Nbg6816, Nbg6816 Firmware, Nbg6817 and 1 more | 2024-11-21 | 8 High |
| A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts. | ||||
| CVE-2021-4017 | 1 Showdoc | 1 Showdoc | 2024-11-21 | 8.8 High |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4015 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 4.3 Medium |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-4005 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 4.3 Medium |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-46687 | 1 Jfrog | 1 Artifactory | 2024-11-21 | 4.9 Medium |
| JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.31.10 versions prior to 7.x; JFrog Artifactory versions before 6.23.38 versions prior to 6.x. | ||||
| CVE-2021-46426 | 1 Phpipam | 1 Phpipam | 2024-11-21 | 6.1 Medium |
| phpIPAM 1.4.4 allows Reflected XSS and CSRF via app/admin/subnets/find_free_section_subnets.php of the subnets functionality. | ||||
| CVE-2021-46398 | 1 Filebrowser | 1 Filebrowser | 2024-11-21 | 8.8 High |
| A Cross-Site Request Forgery vulnerability exists in Filebrowser < 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads to RCE. | ||||
| CVE-2021-46366 | 1 Magnolia-cms | 1 Magnolia Cms | 2024-11-21 | 8.8 High |
| An issue in the Login page of Magnolia CMS v6.2.3 and below allows attackers to exploit both an Open Redirect vulnerability and Cross-Site Request Forgery (CSRF) in order to brute force and exfiltrate users' credentials. | ||||
| CVE-2021-46252 | 1 Scratch-wiki | 1 Scratch Confirmaccount V3 | 2024-11-21 | 6.5 Medium |
| A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses. | ||||