Total
7170 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1000213 | 1 Ruckus | 1 Wireless H500 | 2024-11-21 | N/A |
| Ruckus Wireless H500 web management interface CSRF | ||||
| CVE-2016-0948 | 1 Adobe | 1 Connect | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2016-0891 | 1 Emc | 1 Vipr Srm | 2024-11-21 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in administrative pages in EMC ViPR SRM before 3.7 allow remote attackers to hijack the authentication of administrators. | ||||
| CVE-2016-0863 | 1 Tollgrade | 1 Smartgrid Lighthouse Sensor Management System | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2016-0720 | 3 Clusterlabs, Fedoraproject, Redhat | 3 Pcs, Fedora, Enterprise Linux | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. | ||||
| CVE-2016-0386 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to hijack the authentication of administrators for requests that delete employees. | ||||
| CVE-2016-0356 | 1 Ibm | 1 Sametime | 2024-11-21 | N/A |
| IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111895. | ||||
| CVE-2016-0355 | 1 Ibm | 1 Sametime | 2024-11-21 | N/A |
| IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111894. | ||||
| CVE-2016-0348 | 1 Ibm | 1 Tririga Application Platform | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2, and 3.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID: 111813. | ||||
| CVE-2016-0335 | 1 Ibm | 1 Security Identity Manager | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. IBM X-Force ID: 111736. | ||||
| CVE-2016-0295 | 1 Ibm | 1 Bigfix Platform | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the IBM BigFix Platform 9.0, 9.1, 9.2, and 9.5 before 9.5.2 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. IBM X-Force ID: 111363. | ||||
| CVE-2016-0272 | 1 Ibm | 1 Financial Transaction Manager | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors. IBM X-Force ID: 111052. | ||||
| CVE-2015-9498 | 1 Wpserveur | 1 Wps Hide Login | 2024-11-21 | 8.8 High |
| The wps-hide-login plugin before 1.1 for WordPress has CSRF that affects saving an option value. | ||||
| CVE-2015-9497 | 1 Ad Inserter Project | 1 Ad Inserter | 2024-11-21 | 8.8 High |
| The ad-inserter plugin before 1.5.3 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=ad-inserter.php. | ||||
| CVE-2015-9455 | 1 Incsub | 1 Buddypress-activity-plus | 2024-11-21 | 8.1 High |
| The buddypress-activity-plus plugin before 1.6.2 for WordPress has CSRF with resultant directory traversal via the wp-admin/admin-ajax.php bpfb_photos[] parameter in a bpfb_remove_temp_images action. | ||||
| CVE-2015-9447 | 1 Unitegallery | 1 Unite Gallery Lite | 2024-11-21 | 6.5 Medium |
| The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin.php galleryid or id parameters. | ||||
| CVE-2015-9445 | 1 Unitegallery | 1 Unite Gallery Lite | 2024-11-21 | 8.8 High |
| The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin-ajax.php in a unitegallery_ajax_action operation. | ||||
| CVE-2015-9443 | 1 Wp Accurate Form Data Project | 1 Wp Accurate Form Data | 2024-11-21 | 6.5 Medium |
| The accurate-form-data-real-time-form-validation plugin 1.2 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=Accu_Data_WP. | ||||
| CVE-2015-9442 | 1 Avenirsoft | 1 Directdownload | 2024-11-21 | 6.5 Medium |
| The avenirsoft-directdownload plugin 1.0 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=avenir_plugin. | ||||
| CVE-2015-9441 | 1 Bookmarkify Project | 1 Bookmarkify | 2024-11-21 | 6.5 Medium |
| The bookmarkify plugin 2.9.2 for WordPress has CSRF with resultant XSS via wp-admin/options-general.php?page=bookmarkify.php. | ||||