CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,384 vulnerabilities with CWE-352
CVE-2016-8513
HIGH
HPE Version Control Repository Manager < 7.6 - Cross-Site Request Forgery
CVSS 8.0
CVE-2016-0335
HIGH
IBM Security Identity Manager Virtual Appliance <7.0.1.0 - CSRF
CVSS 8.8
CVE-2016-10701
HIGH
Hitachi Vantara Pentaho Business Analytics < 8.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-1265
CRITICAL
Juniper Networks Junos Space <15.1R3 - RCE
CVSS 9.8
CVE-2016-1261
HIGH
Juniper Junos - Cross-Site Request Forgery and Denial of Service in J-Web
CVSS 7.1
CVE-2016-5789
HIGH
JanTek JTC-200 Firmware - Cross-Site Request Forgery
CVSS 8.0
CVE-2016-6806
HIGH
Apache Wicket 6.x < 6.25.0, 7.x < 7.5.0, 8.0.0-M1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-8737
HIGH
Apache Brooklyn < 0.10.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-2965
MEDIUM
IBM Sametime 8.5.2-9.0.1 - Cross-Site Request Forgery
CVSS 6.5
CVE-2016-0356
MEDIUM
IBM Sametime Enterprise Meeting Server <9.0 - CSRF
CVSS 6.5
CVE-2016-0355
MEDIUM
IBM Sametime Enterprise Meeting Server <9.0 - CSRF
CVSS 6.5
CVE-2016-9716
HIGH
IBM InfoSphere Master Data Management Server 11.0 11.3 11.4 11.5 11.6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-9714
HIGH
IBM InfoSphere Master Data Management Server 10.1-11.6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-7507
HIGH
GLPI 0.90.4 - Authenticated Cross-Site Request Forgery
CVSS 8.0
CVE-2016-1000218
HIGH
Kibana Reporting 2.4.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-7822
HIGH
Buffalo WNC01WH <= 1.0.0.8 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-7809
HIGH
Corega CG-WLR300NX Firmware <= 1.20 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4909
MEDIUM
Cybozu Garoon 3.0.0-4.2.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2016-4907
HIGH
Cybozu Garoon 3.0.0-4.2.2 - Cross-Site Request Forgery Token Exposure
CVSS 8.8
CVE-2016-9991
HIGH
IBM Sterling Order Management 9.2-9.5 - Cross-Site Request Forgery
CVSS 8.0
CVE-2016-8229
HIGH
Lenovo Service Bridge < 4 - Cross-Site Request Forgery via DHCP Server
CVSS 8.8
CVE-2016-4904
HIGH
WP-OliveCart < 3.1.3 and WP-OliveCartPro < 3.1.8 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4854
HIGH
NTT DOCOMO L-04D Firmware V10a and V10b - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-3403
HIGH
Zimbra Collaboration Suite < 8.6.0 - Cross-Site Request Forgery in Admin Console
CVSS 8.8
CVE-2016-4887
HIGH
baserCMS plugin Uploader <= 3.0.10 - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities
9,384
Exploit Likelihood
Medium