Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (8666 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-3957 1 Kimai 1 Kimai 2 2024-11-21 4.3 Medium
kimai2 is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3944 1 Bookstackapp 1 Bookstack 2024-11-21 6.8 Medium
bookstack is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3932 1 Area17 1 Twill 2024-11-21 4.3 Medium
twill is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3931 1 Snipeitapp 1 Snipe-it 2024-11-21 4.3 Medium
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3921 1 Firefly-iii 1 Firefly Iii 2024-11-21 4.3 Medium
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3901 1 Firefly-iii 1 Firefly Iii 2024-11-21 8.8 High
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3900 1 Firefly-iii 1 Firefly Iii 2024-11-21 6.5 Medium
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3858 1 Snipeitapp 1 Snipe-it 2024-11-21 8.8 High
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3819 1 Firefly-iii 1 Firefly Iii 2024-11-21 8.8 High
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3776 1 Showdoc 1 Showdoc 2024-11-21 5.4 Medium
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3775 1 Showdoc 1 Showdoc 2024-11-21 5.4 Medium
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3734 1 Yourls 1 Yourls 2024-11-21 8.8 High
yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames
CVE-2021-3730 1 Firefly-iii 1 Firefly Iii 2024-11-21 6.5 Medium
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3729 1 Firefly-iii 1 Firefly Iii 2024-11-21 4.3 Medium
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3728 1 Firefly-iii 1 Firefly Iii 2024-11-21 6.5 Medium
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3683 1 Showdoc 1 Showdoc 2024-11-21 6.5 Medium
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3133 1 Sean-barton 1 Elementor Contact Form Db 2024-11-21 6.5 Medium
The Elementor Contact Form DB plugin before 1.6 for WordPress allows CSRF via backend admin pages.
CVE-2021-39394 1 Mm-wiki Project 1 Mm-wiki 2024-11-21 6.5 Medium
mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information.
CVE-2021-39243 1 Altus 30 Hadron Xtorm Hx3040, Hadron Xtorm Hx3040 Firmware, Nexto Nx3003 and 27 more 2024-11-21 6.5 Medium
Cross-Site Request Forgery (CSRF) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via any CGI endpoint. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX3020 1.8.3.0, Nexto NX3030 1.8.3.0, Nexto NX5100 1.8.11.0, Nexto NX5101 1.8.11.0, Nexto NX5110 1.1.2.8, Nexto NX5210 1.1.2.8, Nexto Xpress XP300 1.8.11.0, Nexto Xpress XP315 1.8.11.0, Nexto Xpress XP325 1.8.11.0, Nexto Xpress XP340 1.8.11.0, and Hadron Xtorm HX3040 1.7.58.0.
CVE-2021-39209 1 Glpi-project 1 Glpi 2024-11-21 8.8 High
GLPI is a free Asset and IT management software package. In versions prior to 9.5.6, a user who is logged in to GLPI can bypass Cross-Site Request Forgery (CSRF) protection in many places. This could allow a malicious actor to perform many actions on GLPI. This issue is fixed in version 9.5.6. There are no workarounds aside from upgrading.