CWE-35 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9372 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-37990	1 Perelink Pro Project	1 Perelink Pro	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Mike Perelink Pro plugin <= 2.1.4 versions.
CVE-2023-37985	1 Fivestarplugins	1 Five Star Restaurant Menu	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in FiveStarPlugins Restaurant Menu and Food Ordering plugin <= 2.4.6 versions.
CVE-2023-37974	1 Wp Social Autoconnect Project	1 Wp Social Autoconnect	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Justin Klein WP Social AutoConnect plugin <= 4.6.1 versions.
CVE-2023-37973	1 Replace Word Project	1 Replace Word	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in David Pokorny Replace Word plugin <= 2.1 versions.
CVE-2023-37964	1 Jenkins	1 Elasticbox Ci	2024-11-21	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins ElasticBox CI Plugin 5.0.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2023-37962	1 Jenkins	1 Benchmark Evaluator	2024-11-21	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier allows attackers to connect to an attacker-specified URL and to check for the existence of directories, `.csv`, and `.ycsb` files on the Jenkins controller file system.
CVE-2023-37961	1 Jenkins	1 Assembla	2024-11-21	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins Assembla Auth Plugin 1.14 and earlier allows attackers to trick users into logging in to the attacker's account.
CVE-2023-37958	1 Jenkins	1 Sumologic Publisher	2024-11-21	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins Sumologic Publisher Plugin 2.2.1 and earlier allows attackers to connect to an attacker-specified URL.
CVE-2023-37957	1 Jenkins	1 Pipeline Restful Api	2024-11-21	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline restFul API Plugin 0.11 and earlier allows attackers to connect to an attacker-specified URL, capturing a newly generated JCLI token.
CVE-2023-37955	1 Jenkins	1 Test Results Aggregator	2024-11-21	6.5 Medium
A cross-site request forgery (CSRF) vulnerability in Jenkins Test Results Aggregator Plugin 1.2.13 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials.
CVE-2023-37954	1 Jenkins	1 Rebuilder	2024-11-21	4.3 Medium
A cross-site request forgery (CSRF) vulnerability in Jenkins Rebuilder Plugin 320.v5a_0933a_e7d61 and earlier allows attackers to rebuild a previous build.
CVE-2023-37952	1 Jenkins	1 Mabl	2024-11-21	6.5 Medium
A cross-site request forgery (CSRF) vulnerability in Jenkins mabl Plugin 0.0.46 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2023-37892	1 Pluginpress	1 Shortcode Imdb	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Kemal YAZICI - PluginPress Shortcode IMDB plugin <= 6.0.8 versions.
CVE-2023-37891	1 Optimonk	1 Optimonk\	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in OptiMonk OptiMonk: Popups, Personalization & A/B Testing plugin <= 2.0.4 versions.
CVE-2023-37889	1 Wpadmin	1 Aws Cdn	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WPAdmin WPAdmin AWS CDN plugin <= 2.0.13 versions.
CVE-2023-37650	1 Agentejo	1 Cockpit	2024-11-21	8.8 High
A Cross-Site Request Forgery (CSRF) in the Admin portal of Cockpit CMS v2.5.2 allows attackers to execute arbitrary Administrator commands.
CVE-2023-37598	1 Issabel	1 Pbx	2024-11-21	4.5 Medium
A Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function.
CVE-2023-37597	1 Issabel	1 Pbx	2024-11-21	8.1 High
Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function.
CVE-2023-37596	1 Issabel	1 Pbx	2024-11-21	8.1 High
Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via a crafted script to the deleteuser function.
CVE-2023-37562	1 Elecom	4 Wtc-c1167gc-b, Wtc-c1167gc-b Firmware, Wtc-c1167gc-w and 1 more	2024-11-21	8.8 High
Cross-site request forgery (CSRF) vulnerability in exists in WTC-C1167GC-B v1.17 and earlier, and WTC-C1167GC-W v1.17 and earlier. If a user views a malicious page while logged in, unintended operations may be performed.

« first previous Page 322 of 469. next last »