Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (10195 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-3957 1 Kimai 1 Kimai 2 2024-11-21 4.3 Medium
kimai2 is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3944 1 Bookstackapp 1 Bookstack 2024-11-21 6.8 Medium
bookstack is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3932 1 Area17 1 Twill 2024-11-21 4.3 Medium
twill is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3931 1 Snipeitapp 1 Snipe-it 2024-11-21 4.3 Medium
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3921 1 Firefly-iii 1 Firefly Iii 2024-11-21 4.3 Medium
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3901 1 Firefly-iii 1 Firefly Iii 2024-11-21 8.8 High
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3900 1 Firefly-iii 1 Firefly Iii 2024-11-21 6.5 Medium
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3858 1 Snipeitapp 1 Snipe-it 2024-11-21 8.8 High
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3819 1 Firefly-iii 1 Firefly Iii 2024-11-21 8.8 High
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3776 1 Showdoc 1 Showdoc 2024-11-21 5.4 Medium
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3775 1 Showdoc 1 Showdoc 2024-11-21 5.4 Medium
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3772 5 Debian, Linux, Netapp and 2 more 26 Debian Linux, Linux Kernel, E-series Santricity Os Controller and 23 more 2024-11-21 6.5 Medium
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.
CVE-2021-3734 1 Yourls 1 Yourls 2024-11-21 8.8 High
yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames
CVE-2021-3730 1 Firefly-iii 1 Firefly Iii 2024-11-21 6.5 Medium
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3729 1 Firefly-iii 1 Firefly Iii 2024-11-21 4.3 Medium
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3728 1 Firefly-iii 1 Firefly Iii 2024-11-21 6.5 Medium
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3683 1 Showdoc 1 Showdoc 2024-11-21 6.5 Medium
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3133 1 Sean-barton 1 Elementor Contact Form Db 2024-11-21 6.5 Medium
The Elementor Contact Form DB plugin before 1.6 for WordPress allows CSRF via backend admin pages.
CVE-2021-39394 1 Mm-wiki Project 1 Mm-wiki 2024-11-21 6.5 Medium
mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information.
CVE-2021-39243 1 Altus 30 Hadron Xtorm Hx3040, Hadron Xtorm Hx3040 Firmware, Nexto Nx3003 and 27 more 2024-11-21 6.5 Medium
Cross-Site Request Forgery (CSRF) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via any CGI endpoint. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX3020 1.8.3.0, Nexto NX3030 1.8.3.0, Nexto NX5100 1.8.11.0, Nexto NX5101 1.8.11.0, Nexto NX5110 1.1.2.8, Nexto NX5210 1.1.2.8, Nexto Xpress XP300 1.8.11.0, Nexto Xpress XP315 1.8.11.0, Nexto Xpress XP325 1.8.11.0, Nexto Xpress XP340 1.8.11.0, and Hadron Xtorm HX3040 1.7.58.0.