| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor |
| An issue has been discovered in GitLab affecting all versions starting from 7.7 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to a Cross-Site Request Forgery attack that allows a malicious user to have their GitHub project imported on another GitLab user account. |
| The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could allow attackers to make a logged in admin or editor delete and restore arbitrary form entries via CSRF attacks |
| The AnyComment WordPress plugin before 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing attackers to make logged in admin perform such actions via a CSRF attack |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) |
| calibre-web is vulnerable to Cross-Site Request Forgery (CSRF) |
| archivy is vulnerable to Cross-Site Request Forgery (CSRF) |
| A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem. |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) |
| snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) |
| yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF) |
| pimcore is vulnerable to Cross-Site Request Forgery (CSRF) |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) |
| kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) |
| A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts. |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) |
| JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.31.10 versions prior to 7.x; JFrog Artifactory versions before 6.23.38 versions prior to 6.x. |
