Total
5731 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3037 | 1 Ibm | 3 Rational Engineering Lifecycle Manager, Rational Rhapsody Design Manager, Rational Software Architect Design Manager | 2017-08-29 | 6.0 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM Configuration Management Application (aka VVC) in IBM Rational Engineering Lifecycle Manager before 4.0.7 and 5.x before 5.0.1, Rational Software Architect Design Manager before 4.0.7 and 5.x before 5.0.1, and Rational Rhapsody Design Manager before 4.0.7 and 5.x before 5.0.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. | |||||
| CVE-2014-3024 | 1 Ibm | 2 Maximo Asset Management, Smartcloud Control Desk | 2017-08-29 | 6.0 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 through 7.5.0.6 and Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk allows remote authenticated users to hijack the authentication of arbitrary users. | |||||
| CVE-2014-3015 | 1 Ibm | 1 Sametime Proxy Server And Web Client | 2017-08-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Web player in IBM Sametime Proxy Server and Web Client 9.0 through 9.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | |||||
| CVE-2014-2659 | 1 Papercut | 2 Papercut Mf, Papercut Ng | 2017-08-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||||
| CVE-2014-2633 | 1 Hp | 1 Service Manager | 2017-08-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2014-2598 | 1 Quick Page\/post Redirect Project | 1 Quick Page\/post Redirect | 2017-08-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Quick Page/Post Redirect plugin before 5.0.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the quickppr_redirects[request][] parameter in the redirect-updates page to wp-admin/admin.php. | |||||
| CVE-2014-2559 | 1 Twitget Project | 1 Twitget | 2017-08-29 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in twitget.php in the Twitget plugin before 3.3.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that change unspecified plugin options via a request to wp-admin/options-general.php. | |||||
| CVE-2014-2518 | 1 Emc | 9 Digital Assets Manager, Documentum Administrator, Documentum Capital Projects and 6 more | 2017-08-29 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users. | |||||
| CVE-2014-2152 | 1 Cisco | 1 Prime Infrastructure | 2017-08-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the INSERT page in Cisco Prime Infrastructure (PI) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun21868. | |||||
| CVE-2014-1473 | 1 Mcafee | 1 Vulnerability Manager | 2017-08-29 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and earlier allow remote attackers to hijack the authentication of users for requests that modify HTML via unspecified vectors related to the "response web page." | |||||
| CVE-2014-1211 | 1 Vmware | 1 Vcloud Director | 2017-08-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in VMware vCloud Director 5.1.x before 5.1.3 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout. | |||||
| CVE-2014-0969 | 1 Ibm | 2 Infosphere Master Data Management, Infosphere Master Data Management Server For Product Information Management | 2017-08-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to hijack the authentication of arbitrary users. | |||||
| CVE-2014-0961 | 1 Ibm | 2 Security Identity Manager, Tivoli Identity Manager | 2017-08-29 | 6.0 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM Tivoli Identity Manager (ITIM) 5.0 before 5.0.0.15 and 5.1 before 5.1.0.15 and IBM Security Identity Manager (ISIM) 6.0 before 6.0.0.2 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. | |||||
| CVE-2014-0944 | 1 Ibm | 1 Operational Decision Manager | 2017-08-29 | 6.0 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. | |||||
| CVE-2014-0933 | 1 Ibm | 1 Infosphere Information Server Metadata Workbench | 2017-08-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Information Server Metadata Workbench 8.1 through 9.1 allows remote attackers to hijack the authentication of arbitrary users. | |||||
| CVE-2014-0929 | 1 Ibm | 1 Connections | 2017-08-29 | 6.0 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Profiles component in IBM Connections through 3.0.1.1 CR3 allows remote authenticated users to hijack the authentication of arbitrary users for requests that trigger follow actions. | |||||
| CVE-2014-0885 | 1 Ibm | 1 Lotus Protector For Mail Security | 2017-08-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2014-0873 | 1 Ibm | 1 Infosphere Master Data Management Server | 2017-08-29 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Data Stewardship, (2) Business Admin, and (3) Product interfaces in IBM InfoSphere Master Data Management (MDM) Server 8.5 before 8.5.0.82, 9.0.1 before 9.0.1.38, 9.0.2 before 9.0.2.35, 10.0 before 10.0.0.0.26, and 10.1 before 10.1.0.0.15 allow remote attackers to hijack the authentication of arbitrary users. | |||||
| CVE-2014-0835 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2017-08-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to hijack the authentication of administrators for requests that modify console Auto Update settings. | |||||
| CVE-2014-0813 | 1 Phpmyfaq | 1 Phpmyfaq | 2017-08-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings. | |||||