Export limit exceeded: 10562 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9951 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24447 | 1 Jenkins | 1 Rabbitmq Consumer | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password. | ||||
| CVE-2023-24446 | 1 Jenkins | 1 Openid | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin 2.4 and earlier allows attackers to trick users into logging in to the attacker's account. | ||||
| CVE-2023-24437 | 1 Jenkins | 1 Jira Pipeline Steps | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2023-24434 | 1 Jenkins | 1 Github Pull Request Builder | 2025-04-02 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | ||||
| CVE-2025-27664 | 1 Printerlogic | 2 Vasion Print, Virtual Appliance | 2025-04-01 | 8.8 High |
| Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Insufficient CSRF Protection OVE-20230524-0008. | ||||
| CVE-2024-30946 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 5.5 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/co_do.php. | ||||
| CVE-2024-30965 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 8.8 High |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php. | ||||
| CVE-2024-29684 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 9.8 Critical |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /src/dede/makehtml_homepage.php allowing a remote attacker to execute arbitrary code. | ||||
| CVE-2024-4767 | 3 Debian, Mozilla, Redhat | 8 Debian Linux, Firefox, Thunderbird and 5 more | 2025-04-01 | 4.3 Medium |
| If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. | ||||
| CVE-2024-4769 | 3 Debian, Mozilla, Redhat | 8 Debian Linux, Firefox, Thunderbird and 5 more | 2025-04-01 | 5.9 Medium |
| When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and non-script responses. This could have been abused to learn information cross-origin. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. | ||||
| CVE-2024-1231 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | 6.8 Medium |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack | ||||
| CVE-2024-1232 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | 4.8 Medium |
| The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete downloads via a CSRF attack | ||||
| CVE-2024-1962 | 1 Cminds | 1 Cm Download Manager | 2025-04-01 | 8.8 High |
| The CM Download Manager WordPress plugin before 2.9.1 does not have CSRF checks in some places, which could allow attackers to make logged in admins edit downloads via a CSRF attack | ||||
| CVE-2024-24702 | 1 Sivel | 1 Pagerestrict | 2025-04-01 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5. | ||||
| CVE-2023-51683 | 1 Wpplugin | 1 Easy Paypal \& Stripe Buy Now Button | 2025-04-01 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal & Stripe Buy Now Button.This issue affects Easy PayPal & Stripe Buy Now Button: from n/a through 1.8.1. | ||||
| CVE-2023-52223 | 1 Mailerlite | 1 Mailerlite | 2025-04-01 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in MailerLite MailerLite – WooCommerce integration.This issue affects MailerLite – WooCommerce integration: from n/a through 2.0.8. | ||||
| CVE-2024-25931 | 1 Heureka | 1 Heureka | 2025-04-01 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8. | ||||
| CVE-2024-28678 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 6.3 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_description_main.php | ||||
| CVE-2024-28681 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 6.1 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/plus_edit.php. | ||||
| CVE-2024-28682 | 1 Dedecms | 1 Dedecms | 2025-04-01 | 6.3 Medium |
| DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/sys_cache_up.php. | ||||