Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-918 Clear
ID Title
CVE-2024-25294 SSRF (Server-Side Request Forgery) in ssrf (CVE-2024-25294)
SSRF in ssrf (CVE-2024-25294). Confidential information can be exposed externally.
CVE-2024-22873 SSRF (Server-Side Request Forgery) in ssrf (CVE-2024-22873)
SSRF in ssrf (CVE-2024-22873). Confidential information can be exposed externally.
CVE-2024-21893 KEV [KEV] SSRF (Server-Side Request Forgery) in Ivanti connect-secure (CVE-2024-21893)
SSRF in Ivanti connect-secure (CVE-2024-21893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41763 KEV [KEV] SSRF (Server-Side Request Forgery) in Microsoft skype-for-business (CVE-2023-41763)
SSRF in Microsoft skype-for-business (CVE-2023-41763). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-41449 SSRF (Server-Side Request Forgery) in phpkobo (CVE-2023-41449)
SSRF in phpkobo (CVE-2023-41449). Successful exploitation can lead to full system takeover.
CVE-2023-36088 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-36088)
SSRF in ssrf (CVE-2023-36088). Confidential information can be exposed externally.
CVE-2021-35391 SSRF (Server-Side Request Forgery) in deskpro (CVE-2021-35391)
SSRF in deskpro (CVE-2021-35391). Successful exploitation can lead to full system takeover.
CVE-2023-35175 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-35175)
SSRF in ssrf (CVE-2023-35175). Successful exploitation can lead to full system takeover.
CVE-2023-26735 SSRF (Server-Side Request Forgery) in prometheus (CVE-2023-26735)
SSRF in prometheus (CVE-2023-26735). Confidential information can be exposed externally.
CVE-2023-27162 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27162)
SSRF in ssrf (CVE-2023-27162). Confidential information can be exposed externally.
CVE-2023-27163 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27163)
SSRF in ssrf (CVE-2023-27163). Confidential information can be exposed externally.
CVE-2023-27159 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27159)
SSRF in ssrf (CVE-2023-27159). Confidential information can be exposed externally.
CVE-2023-27160 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27160)
SSRF in ssrf (CVE-2023-27160). Successful exploitation can lead to full system takeover.
CVE-2023-1725 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-1725)
SSRF in ssrf (CVE-2023-1725). Successful exploitation can lead to full system takeover.
CVE-2023-25262 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-25262)
SSRF in ssrf (CVE-2023-25262). Confidential information can be exposed externally.
CVE-2023-27161 SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27161)
SSRF in ssrf (CVE-2023-27161). Confidential information can be exposed externally.
CVE-2022-45085 SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-45085)
SSRF in ssrf (CVE-2022-45085). Confidential information can be exposed externally.
CVE-2021-37498 SSRF (Server-Side Request Forgery) in ssrf (CVE-2021-37498)
SSRF in ssrf (CVE-2021-37498). Risk of unauthorized operations or information disclosure.
CVE-2022-40842 SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-40842)
SSRF in ssrf (CVE-2022-40842). Confidential information can be exposed externally.
CVE-2022-38580 Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF).
Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF).
CVE-2022-36551 SSRF (Server-Side Request Forgery) in label-studio (CVE-2022-36551)
SSRF in label-studio (CVE-2022-36551). Confidential information can be exposed externally. Mitigation: upgrade to `1.5.0.post0` or later.
CVE-2022-41040 KEV [KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2022-41040)
SSRF in Microsoft exchange-server (CVE-2022-41040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-24815 SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-24815)
SSRF in ssrf (CVE-2020-24815). Confidential information can be exposed externally.
CVE-2020-28043 SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-28043)
SSRF in ssrf (CVE-2020-28043). Confidential information can be exposed externally.
CVE-2020-25466 SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-25466)
SSRF in ssrf (CVE-2020-25466). Successful exploitation can lead to full system takeover.
CVE-2020-22983 SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-22983)
SSRF in ssrf (CVE-2020-22983). Confidential information can be exposed externally.
CVE-2020-27375 SSRF (Server-Side Request Forgery) in drtrustusa (CVE-2020-27375)
SSRF in drtrustusa (CVE-2020-27375). Data can be tampered with by attackers.
CVE-2022-27245 SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-27245)
SSRF in ssrf (CVE-2022-27245). Successful exploitation can lead to full system takeover.
CVE-2021-21973 KEV [KEV] Vulnerability in Vmware vcenter-server-and-cloud-foundation (CVE-2021-21973)
vulnerability in Vmware vcenter-server-and-cloud-foundation (CVE-2021-21973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-42637 SSRF (Server-Side Request Forgery) in ssrf (CVE-2021-42637)
SSRF in ssrf (CVE-2021-42637). Successful exploitation can lead to full system takeover.
CVE-2021-21975 KEV [KEV] SSRF (Server-Side Request Forgery) in Vmware vrealize-operations-manager-api (CVE-2021-21975)
SSRF in Vmware vrealize-operations-manager-api (CVE-2021-21975). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-40438 KEV [KEV] SSRF (Server-Side Request Forgery) in apache (CVE-2021-40438)
SSRF in apache (CVE-2021-40438). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-27103 KEV [KEV] SSRF (Server-Side Request Forgery) in Accellion fta (CVE-2021-27103)
SSRF in Accellion fta (CVE-2021-27103). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-34473 KEV [KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2021-34473)
SSRF in Microsoft exchange-server (CVE-2021-34473). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-26855 KEV [KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2021-26855)
SSRF in Microsoft exchange-server (CVE-2021-26855). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-21985 KEV [KEV] Vulnerability in Vmware vcenter-server (CVE-2021-21985)
vulnerability in Vmware vcenter-server (CVE-2021-21985). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-37223 SSRF (Server-Side Request Forgery) in ssrf (CVE-2021-37223)
SSRF in ssrf (CVE-2021-37223). Confidential information can be exposed externally.
CVE-2017-17674 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-17674)
SSRF in ssrf (CVE-2017-17674). Successful exploitation can lead to full system takeover.
CVE-2017-15886 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-15886)
SSRF in ssrf (CVE-2017-15886). Confidential information can be exposed externally.
CVE-2017-17697 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-17697)
SSRF in ssrf (CVE-2017-17697). Confidential information can be exposed externally.
CVE-2017-16678 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-16678)
SSRF in ssrf (CVE-2017-16678). Risk of unauthorized operations or information disclosure.
CVE-2017-15943 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-15943)
SSRF in ssrf (CVE-2017-15943). Risk of unauthorized operations or information disclosure.
CVE-2017-11291 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-11291)
SSRF in ssrf (CVE-2017-11291). Confidential information can be exposed externally.
CVE-2017-14585 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-14585)
SSRF in ssrf (CVE-2017-14585). Successful exploitation can lead to full system takeover.
CVE-2017-4928 Cross-Site Request Forgery (CSRF) in ssrf (CVE-2017-4928)
vulnerability in ssrf (CVE-2017-4928). Confidential information can be exposed externally.
CVE-2017-16870 SSRF (Server-Side Request Forgery) in wordpress (CVE-2017-16870)
SSRF in wordpress (CVE-2017-16870). Successful exploitation can lead to full system takeover.
CVE-2017-0889 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-0889)
SSRF in ssrf (CVE-2017-0889). Successful exploitation can lead to full system takeover.
CVE-2017-0905 SSRF (Server-Side Request Forgery) in recurly (CVE-2017-0905)
SSRF in recurly (CVE-2017-0905). Successful exploitation can lead to full system takeover.
CVE-2017-0906 SSRF (Server-Side Request Forgery) in recurly (CVE-2017-0906)
SSRF in recurly (CVE-2017-0906). Successful exploitation can lead to full system takeover.
CVE-2017-0907 SSRF (Server-Side Request Forgery) in csharp (CVE-2017-0907)
SSRF in csharp (CVE-2017-0907). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →