CWE-35 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9363 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-38398	1 Tablooa	1 Tablooa	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Taboola plugin <= 2.0.1 versions.
CVE-2023-38396	1 Web-argument	1 Google-map-shortcode	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Alain Gonzalez plugin <= 3.1.2 versions.
CVE-2023-38390	1 Anshullabs	1 Mobile Address Bar Changer	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Anshul Labs Mobile Address Bar Changer plugin <= 3.0 versions.
CVE-2023-38381	1 Wp-flybox Project	1 Wp-flybox	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Cyle Conoly WP-FlyBox plugin <= 6.46 versions.
CVE-2023-38349	1 Pnp4nagios	1 Pnp4nagios	2024-11-21	8.8 High
PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX controller. This affects 0.6.26.
CVE-2023-38348	1 Lw-systems	1 Benno Mailarchiv	2024-11-21	8.8 High
A CSRF issue was discovered in LWsystems Benno MailArchiv 2.10.1.
CVE-2023-38268	3 Ibm, Linux, Microsoft	4 Aix, Infosphere Information Server, Linux Kernel and 1 more	2024-11-21	4.3 Medium
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585.
CVE-2023-38001	1 Ibm	1 Aspera Orchestrator	2024-11-21	6.5 Medium
IBM Aspera Orchestrator 4.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260206.
CVE-2023-37998	1 Saas	1 Disabler	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Saas Disabler allows Cross Site Request Forgery.This issue affects Disabler: from n/a through 3.0.3.
CVE-2023-37995	1 Wp-copyprotect Project	1 Wp-copyprotect	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions.
CVE-2023-37991	1 Monchito	1 Wp Emoji One	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Monchito.Net WP Emoji One plugin <= 0.6.0 versions.
CVE-2023-37990	1 Perelink Pro Project	1 Perelink Pro	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Mike Perelink Pro plugin <= 2.1.4 versions.
CVE-2023-37985	1 Fivestarplugins	1 Five Star Restaurant Menu	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in FiveStarPlugins Restaurant Menu and Food Ordering plugin <= 2.4.6 versions.
CVE-2023-37974	1 Wp Social Autoconnect Project	1 Wp Social Autoconnect	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Justin Klein WP Social AutoConnect plugin <= 4.6.1 versions.
CVE-2023-37973	1 Replace Word Project	1 Replace Word	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in David Pokorny Replace Word plugin <= 2.1 versions.
CVE-2023-37964	1 Jenkins	1 Elasticbox Ci	2024-11-21	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins ElasticBox CI Plugin 5.0.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2023-37962	1 Jenkins	1 Benchmark Evaluator	2024-11-21	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers to connect to an attacker-specified URL and to check for the existence of directories, `.csv`, and `.ycsb` files on the Jenkins controller file system.
CVE-2023-37961	1 Jenkins	1 Assembla	2024-11-21	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins Assembla Auth Plugin 1.14 and earlier allows attackers to trick users into logging in to the attacker's account.
CVE-2023-37958	1 Jenkins	1 Sumologic Publisher	2024-11-21	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins Sumologic Publisher Plugin 2.2.1 and earlier allows attackers to connect to an attacker-specified URL.
CVE-2023-37957	1 Jenkins	1 Pipeline Restful Api	2024-11-21	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline restFul API Plugin 0.11 and earlier allows attackers to connect to an attacker-specified URL, capturing a newly generated JCLI token.

« first previous Page 321 of 469. next last »