Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 220456 entries
IDDescriptionPriorityModified date
CVE-2022-30544 Cross-Site Request Forgery (CSRF) in MiKa\'s OSM – OpenStreetMap plugin <= 6.0.1 versions. -- Jan 25, 2023
CVE-2022-0088 Cross-Site Request Forgery (CSRF) in GitHub repository yourls/yourls prior to 1.8.3. MEDIUM Apr 3, 2022
CVE-2023-4455 Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3. -- Aug 21, 2023
CVE-2023-4454 Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3. -- Aug 21, 2023
CVE-2023-0735 Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.5.4. -- Feb 8, 2023
CVE-2022-4850 Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. -- Dec 29, 2022
CVE-2022-4849 Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. -- Dec 29, 2022
CVE-2022-4846 Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. -- Dec 29, 2022
CVE-2022-4845 Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. -- Dec 29, 2022
CVE-2022-4844 Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. -- Dec 29, 2022
CVE-2023-5036 Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1. -- Sep 19, 2023
CVE-2023-2552 Cross-Site Request Forgery (CSRF) in GitHub repository unilogies/bumsys prior to 2.1.1. -- May 10, 2023
CVE-2023-3075 Cross-Site Request Forgery (CSRF) in GitHub repository tsolucio/corebos prior to 8. -- Jun 2, 2023
CVE-2023-0642 Cross-Site Request Forgery (CSRF) in GitHub repository squidex/squidex prior to 7.4.0. -- Feb 2, 2023
CVE-2023-5511 Cross-Site Request Forgery (CSRF) in GitHub repository snipe/snipe-it prior to v.6.2.3. -- Oct 11, 2023
CVE-2023-3627 Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/suitecrm-core prior to 8.3.1. -- Jul 11, 2023
CVE-2023-5902 Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. -- Nov 7, 2023
CVE-2023-5899 Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. -- Nov 1, 2023
CVE-2023-5898 Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. -- Nov 1, 2023
CVE-2023-5893 Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. -- Nov 1, 2023
CVE-2023-5626 Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs prior to 3.3.0-16. -- Oct 18, 2023
CVE-2023-5897 Cross-Site Request Forgery (CSRF) in GitHub repository pkp/customLocale prior to 1.2.0-1. -- Nov 1, 2023
CVE-2023-5687 Cross-Site Request Forgery (CSRF) in GitHub repository mosparo/mosparo prior to 1.0.3. -- Oct 20, 2023
CVE-2023-5690 Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.2.2. -- Oct 20, 2023
CVE-2023-2228 Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.1.0. -- Apr 24, 2023
CVE-2023-0438 Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4. -- Jan 23, 2023
CVE-2023-0406 Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4. -- Jan 27, 2023
CVE-2023-0398 Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/modoboa prior to 2.0.4. -- Jan 27, 2023
CVE-2022-0245 Cross-Site Request Forgery (CSRF) in GitHub repository livehelperchat/livehelperchat prior to 2.0. MEDIUM Jan 18, 2022
CVE-2022-4646 Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4. -- Dec 22, 2022
CVE-2022-3274 Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.7. -- Sep 22, 2022
CVE-2022-3267 Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. -- Sep 22, 2022
CVE-2022-3233 Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. -- Sep 23, 2022
CVE-2022-3232 Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.5. -- Sep 17, 2022
CVE-2022-3221 Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.3. -- Sep 18, 2022
CVE-2023-1033 Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.11. -- Feb 26, 2023
CVE-2022-4867 Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 2.0.0-beta1. -- Jan 2, 2023
CVE-2022-3017 Cross-Site Request Forgery (CSRF) in GitHub repository froxlor/froxlor prior to 0.10.38. -- Aug 28, 2022
CVE-2022-0515 Cross-Site Request Forgery (CSRF) in GitHub repository crater-invoice/crater prior to 6.0.4. MEDIUM Mar 22, 2022
CVE-2023-5498 Cross-Site Request Forgery (CSRF) in GitHub repository chiefonboarding/chiefonboarding prior to v2.0.47. -- Oct 10, 2023
CVE-2023-2307 Cross-Site Request Forgery (CSRF) in GitHub repository builderio/qwik prior to 0.104.0. -- May 3, 2023
CVE-2020-23264 Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators. MEDIUM May 7, 2021
CVE-2023-6251 Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users. -- Nov 24, 2023
CVE-2020-23631 Cross-site request forgery (CSRF) in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via the tongji parameter. MEDIUM Jan 13, 2021
CVE-2022-23976 Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an attacker to reset all data (posts / pages / media). MEDIUM Apr 18, 2022
CVE-2022-23975 Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an attacker to activate any installed plugin. MEDIUM Apr 18, 2022
CVE-2017-16565 Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage (Grandstream) HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests. MEDIUM Nov 6, 2017
CVE-2017-10677 Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with Firmware Version before 2.1.41.164606, as demonstrated by a request to apply.cgi to disable SIP. MEDIUM Aug 6, 2017
CVE-2021-39243 Cross-Site Request Forgery (CSRF) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via any CGI endpoint. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX3020 1.8.3.0, Nexto NX3030 1.8.3.0, Nexto NX5100 1.8.11.0, Nexto NX5101 1.8.11.0, Nexto NX5110 1.1.2.8, Nexto NX5210 1.1.2.8, Nexto Xpress XP300 1.8.11.0, Nexto Xpress XP315 1.8.11.0, Nexto Xpress XP325 1.8.11.0, Nexto Xpress XP340 1.8.11.0, and Hadron Xtorm HX3040 1.7.58.0. MEDIUM Aug 26, 2021
CVE-2017-11680 Cross-Site Request Forgery (CSRF) exists in Hashtopussy 0.4.0, allowing an admin password change via users.php. MEDIUM Jul 27, 2017
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube