Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-12838 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12838)
vulnerability in csrf (CVE-2017-12838). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1097 |
|
Cross-Site Request Forgery (CSRF) in ibm (CVE-2017-1097)
vulnerability in ibm (CVE-2017-1097). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14048 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-14048)
vulnerability in csrf (CVE-2017-14048). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1442 |
|
Cross-Site Request Forgery (CSRF) in ibm (CVE-2017-1442)
vulnerability in ibm (CVE-2017-1442). Successful exploitation can lead to full system takeover.
|
| CVE-2016-0355 |
|
Cross-Site Request Forgery (CSRF) in ibm (CVE-2016-0355)
vulnerability in ibm (CVE-2016-0355). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-0356 |
|
Cross-Site Request Forgery (CSRF) in ibm (CVE-2016-0356)
vulnerability in ibm (CVE-2016-0356). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-2965 |
|
Cross-Site Request Forgery (CSRF) in ibm (CVE-2016-2965)
vulnerability in ibm (CVE-2016-2965). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-3655 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-3655)
vulnerability in csrf (CVE-2015-3655). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11455 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11455)
vulnerability in csrf (CVE-2017-11455). Successful exploitation can lead to full system takeover.
|
| CVE-2014-8900 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2014-8900)
vulnerability in csrf (CVE-2014-8900). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7926 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7926)
vulnerability in csrf (CVE-2017-7926). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12703 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12703)
vulnerability in csrf (CVE-2017-12703). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12970 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12970)
vulnerability in csrf (CVE-2017-12970). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5258 |
|
Cross-site request forgery (CSRF) vulnerability in springframework-social before 1.1.3.
Cross-site request forgery (CSRF) vulnerability in springframework-social before 1.1.3.
|
| CVE-2017-7557 |
|
Authentication Bypass in csrf (CVE-2017-7557)
authentication bypass in csrf (CVE-2017-7557). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5187 |
|
Cross-Site Request Forgery (CSRF) in microfocus (CVE-2017-5187)
vulnerability in microfocus (CVE-2017-5187). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7423 |
|
Cross-Site Request Forgery (CSRF) in microfocus (CVE-2017-7423)
vulnerability in microfocus (CVE-2017-7423). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12881 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12881)
vulnerability in csrf (CVE-2017-12881). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5081 |
|
Cross-Site Request Forgery (CSRF) in django-cms (CVE-2015-5081)
vulnerability in django-cms (CVE-2015-5081). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `f77cbc607d6e2a62e63287d37ad320109a2cc78a, 3.0.14, 3.1.1` or later.
|
| CVE-2017-12589 |
|
ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any protection against a CSRF attack.
ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any protection against a CSRF attack.
|
| CVE-2017-12593 |
|
ASUS DSL-N10S V2.1.16_APAC devices allow CSRF.
ASUS DSL-N10S V2.1.16_APAC devices allow CSRF.
|
| CVE-2017-7556 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7556)
vulnerability in csrf (CVE-2017-7556). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12853 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12853)
vulnerability in csrf (CVE-2017-12853). Successful exploitation can lead to full system takeover.
|
| CVE-2017-6328 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-6328)
vulnerability in csrf (CVE-2017-6328). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12651 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-12651)
vulnerability in wordpress (CVE-2017-12651). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
|
| CVE-2017-6756 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-6756)
vulnerability in csrf (CVE-2017-6756). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10677 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-10677)
vulnerability in csrf (CVE-2017-10677). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12584 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12584)
vulnerability in csrf (CVE-2017-12584). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9863 |
|
Cross-Site Request Forgery (CSRF) in sma (CVE-2017-9863)
vulnerability in sma (CVE-2017-9863). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12439 |
|
Cross-Site Request Forgery (CSRF) in socusoft (CVE-2017-12439)
vulnerability in socusoft (CVE-2017-12439). Successful exploitation can lead to full system takeover.
|
| CVE-2017-2138 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-2138)
vulnerability in csrf (CVE-2017-2138). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11648 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11648)
vulnerability in csrf (CVE-2017-11648). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11726 |
|
Cross-Site Request Forgery (CSRF) in rails (CVE-2017-11726)
vulnerability in rails (CVE-2017-11726). Successful exploitation can lead to full system takeover.
|
| CVE-2016-9714 |
|
Cross-Site Request Forgery (CSRF) in ibm (CVE-2016-9714)
vulnerability in ibm (CVE-2016-9714). Successful exploitation can lead to full system takeover.
|
| CVE-2016-9716 |
|
Cross-Site Request Forgery (CSRF) in ibm (CVE-2016-9716)
vulnerability in ibm (CVE-2016-9716). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9489 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9489)
vulnerability in csrf (CVE-2017-9489). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9490 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9490)
vulnerability in csrf (CVE-2017-9490). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11646 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11646)
vulnerability in csrf (CVE-2017-11646). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11679 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11679)
vulnerability in csrf (CVE-2017-11679). Successful exploitation can lead to full system takeover.
|
| CVE-2017-11680 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11680)
vulnerability in csrf (CVE-2017-11680). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9413 |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a po...
Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a podcast via the add parameter to podcastReceiverAdmin.view or (2) update Internet Radio Settings via t...
|
| CVE-2017-2273 |
|
Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators...
Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
| CVE-2017-9415 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9415)
vulnerability in csrf (CVE-2017-9415). Successful exploitation can lead to full system takeover.
|
| CVE-2015-4639 |
|
Cross-Site Request Forgery (CSRF) in koha (CVE-2015-4639)
vulnerability in koha (CVE-2015-4639). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9930 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9930)
vulnerability in csrf (CVE-2017-9930). Successful exploitation can lead to full system takeover.
|
| CVE-2017-1218 |
|
Cross-Site Request Forgery (CSRF) in ibm (CVE-2017-1218)
vulnerability in ibm (CVE-2017-1218). Successful exploitation can lead to full system takeover.
|
| CVE-2016-7507 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-7507)
vulnerability in csrf (CVE-2016-7507). Successful exploitation can lead to full system takeover.
|
| CVE-2017-10961 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-10961)
vulnerability in csrf (CVE-2017-10961). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9810 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-9810)
vulnerability in csrf (CVE-2017-9810). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7666 |
|
Cross-Site Scripting (XSS) in apache (CVE-2017-7666)
cross-site scripting in apache (CVE-2017-7666). Successful exploitation can lead to full system takeover.
|