Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-11646 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11646)
vulnerability in csrf (CVE-2017-11646). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11679 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11679)
vulnerability in csrf (CVE-2017-11679). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11680 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11680)
vulnerability in csrf (CVE-2017-11680). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9413 |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a po...
Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a podcast via the add parameter to podcastReceiverAdmin.view or (2) update Internet Radio Settings via t...
|
| CVE-2017-10711 |
|
Cross-Site Scripting (XSS) in csrf (CVE-2017-10711)
cross-site scripting in csrf (CVE-2017-10711). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-2273 |
|
Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators...
Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
| CVE-2017-9415 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9415)
vulnerability in csrf (CVE-2017-9415). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9930 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9930)
vulnerability in csrf (CVE-2017-9930). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9785 |
|
Unsafe Deserialization in csrf (CVE-2017-9785)
vulnerability in csrf (CVE-2017-9785). Successful exploitation can lead to full system takeover.
|
| CVE-2016-7507 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-7507)
vulnerability in csrf (CVE-2016-7507). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10961 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-10961)
vulnerability in csrf (CVE-2017-10961). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9810 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9810)
vulnerability in csrf (CVE-2017-9810). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9934 |
|
Cross-Site Scripting (XSS) in csrf (CVE-2017-9934)
cross-site scripting in csrf (CVE-2017-9934). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7666 |
|
Cross-Site Scripting (XSS) in apache (CVE-2017-7666)
cross-site scripting in apache (CVE-2017-7666). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1000069 |
|
CSRF in Bitly oauth2_proxy 2.1 during authentication flow
CSRF in Bitly oauth2_proxy 2.1 during authentication flow
|
| CVE-2017-1000008 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-1000008)
vulnerability in csrf (CVE-2017-1000008). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11193 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11193)
vulnerability in csrf (CVE-2017-11193). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11196 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11196)
vulnerability in csrf (CVE-2017-11196). Successful exploitation can lead to full system takeover.
|
| CVE-2017-2238 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-2238)
vulnerability in csrf (CVE-2017-2238). Successful exploitation can lead to full system takeover.
|
| CVE-2017-2244 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-2244)
vulnerability in csrf (CVE-2017-2244). Successful exploitation can lead to full system takeover.
|
| CVE-2017-2223 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-2223)
vulnerability in csrf (CVE-2017-2223). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7404 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7404)
vulnerability in csrf (CVE-2017-7404). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5943 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-5943)
vulnerability in csrf (CVE-2017-5943). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10678 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-10678)
vulnerability in csrf (CVE-2017-10678). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10680 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-10680)
vulnerability in csrf (CVE-2017-10680). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10681 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-10681)
vulnerability in csrf (CVE-2017-10681). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5528 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-5528)
vulnerability in csrf (CVE-2017-5528). Successful exploitation can lead to full system takeover.
|
| CVE-2017-6086 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-6086)
vulnerability in csrf (CVE-2017-6086). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9757 |
|
OS Command Injection in csrf (CVE-2017-9757)
OS command injection in csrf (CVE-2017-9757). Successful exploitation can lead to full system takeover.
|
| CVE-2016-1000218 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-1000218)
vulnerability in csrf (CVE-2016-1000218). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9673 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9673)
vulnerability in csrf (CVE-2017-9673). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5244 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-5244)
vulnerability in csrf (CVE-2017-5244). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-6659 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-6659)
vulnerability in csrf (CVE-2017-6659). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4907 |
|
Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.
Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.
|
| CVE-2016-4909 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-4909)
vulnerability in csrf (CVE-2016-4909). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-7809 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-7809)
vulnerability in csrf (CVE-2016-7809). Successful exploitation can lead to full system takeover.
|
| CVE-2016-7822 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-7822)
vulnerability in csrf (CVE-2016-7822). Successful exploitation can lead to full system takeover.
|
| CVE-2015-1786 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-1786)
vulnerability in csrf (CVE-2015-1786). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9517 |
|
atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV.
atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV.
|
| CVE-2017-9518 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9518)
vulnerability in csrf (CVE-2017-9518). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9519 |
|
atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account.
atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account.
|
| CVE-2017-9444 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9444)
vulnerability in csrf (CVE-2017-9444). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8836 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-8836)
vulnerability in csrf (CVE-2017-8836). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9379 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9379)
vulnerability in csrf (CVE-2017-9379). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9365 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9365)
vulnerability in csrf (CVE-2017-9365). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7337 |
|
Vulnerability in csrf (CVE-2017-7337)
vulnerability in csrf (CVE-2017-7337). Confidential information can be exposed externally.
|
| CVE-2017-9033 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9033)
vulnerability in csrf (CVE-2017-9033). Successful exploitation can lead to full system takeover.
|
| CVE-2015-3191 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-3191)
vulnerability in csrf (CVE-2015-3191). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5657 |
|
Cross-Site Request Forgery (CSRF) in apache (CVE-2017-5657)
vulnerability in apache (CVE-2017-5657). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4854 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-4854)
vulnerability in csrf (CVE-2016-4854). Successful exploitation can lead to full system takeover.
|