Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2024-25294 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2024-25294)
SSRF in ssrf (CVE-2024-25294). Confidential information can be exposed externally.
|
| CVE-2024-22873 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2024-22873)
SSRF in ssrf (CVE-2024-22873). Confidential information can be exposed externally.
|
| CVE-2024-21893 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Ivanti connect-secure (CVE-2024-21893)
SSRF in Ivanti connect-secure (CVE-2024-21893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41763 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Microsoft skype-for-business (CVE-2023-41763)
SSRF in Microsoft skype-for-business (CVE-2023-41763). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41449 |
|
SSRF (Server-Side Request Forgery) in phpkobo (CVE-2023-41449)
SSRF in phpkobo (CVE-2023-41449). Successful exploitation can lead to full system takeover.
|
| CVE-2023-36088 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-36088)
SSRF in ssrf (CVE-2023-36088). Confidential information can be exposed externally.
|
| CVE-2021-35391 |
|
SSRF (Server-Side Request Forgery) in deskpro (CVE-2021-35391)
SSRF in deskpro (CVE-2021-35391). Successful exploitation can lead to full system takeover.
|
| CVE-2023-35175 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-35175)
SSRF in ssrf (CVE-2023-35175). Successful exploitation can lead to full system takeover.
|
| CVE-2023-26735 |
|
SSRF (Server-Side Request Forgery) in prometheus (CVE-2023-26735)
SSRF in prometheus (CVE-2023-26735). Confidential information can be exposed externally.
|
| CVE-2023-27162 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27162)
SSRF in ssrf (CVE-2023-27162). Confidential information can be exposed externally.
|
| CVE-2023-27163 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27163)
SSRF in ssrf (CVE-2023-27163). Confidential information can be exposed externally.
|
| CVE-2023-27159 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27159)
SSRF in ssrf (CVE-2023-27159). Confidential information can be exposed externally.
|
| CVE-2023-27160 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27160)
SSRF in ssrf (CVE-2023-27160). Successful exploitation can lead to full system takeover.
|
| CVE-2023-1725 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-1725)
SSRF in ssrf (CVE-2023-1725). Successful exploitation can lead to full system takeover.
|
| CVE-2023-25262 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-25262)
SSRF in ssrf (CVE-2023-25262). Confidential information can be exposed externally.
|
| CVE-2023-27161 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2023-27161)
SSRF in ssrf (CVE-2023-27161). Confidential information can be exposed externally.
|
| CVE-2022-45085 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-45085)
SSRF in ssrf (CVE-2022-45085). Confidential information can be exposed externally.
|
| CVE-2021-37498 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2021-37498)
SSRF in ssrf (CVE-2021-37498). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-40842 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-40842)
SSRF in ssrf (CVE-2022-40842). Confidential information can be exposed externally.
|
| CVE-2022-38580 |
|
Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF).
Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF).
|
| CVE-2022-36551 |
|
SSRF (Server-Side Request Forgery) in label-studio (CVE-2022-36551)
SSRF in label-studio (CVE-2022-36551). Confidential information can be exposed externally. Mitigation: upgrade to `1.5.0.post0` or later.
|
| CVE-2022-41040 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2022-41040)
SSRF in Microsoft exchange-server (CVE-2022-41040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-24815 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-24815)
SSRF in ssrf (CVE-2020-24815). Confidential information can be exposed externally.
|
| CVE-2020-28043 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-28043)
SSRF in ssrf (CVE-2020-28043). Confidential information can be exposed externally.
|
| CVE-2020-25466 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-25466)
SSRF in ssrf (CVE-2020-25466). Successful exploitation can lead to full system takeover.
|
| CVE-2020-22983 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2020-22983)
SSRF in ssrf (CVE-2020-22983). Confidential information can be exposed externally.
|
| CVE-2020-27375 |
|
SSRF (Server-Side Request Forgery) in drtrustusa (CVE-2020-27375)
SSRF in drtrustusa (CVE-2020-27375). Data can be tampered with by attackers.
|
| CVE-2022-27245 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-27245)
SSRF in ssrf (CVE-2022-27245). Successful exploitation can lead to full system takeover.
|
| CVE-2021-21973 KEV |
|
[KEV] Vulnerability in Vmware vcenter-server-and-cloud-foundation (CVE-2021-21973)
vulnerability in Vmware vcenter-server-and-cloud-foundation (CVE-2021-21973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-42637 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2021-42637)
SSRF in ssrf (CVE-2021-42637). Successful exploitation can lead to full system takeover.
|
| CVE-2021-21975 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Vmware vrealize-operations-manager-api (CVE-2021-21975)
SSRF in Vmware vrealize-operations-manager-api (CVE-2021-21975). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-40438 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in apache (CVE-2021-40438)
SSRF in apache (CVE-2021-40438). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-27103 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Accellion fta (CVE-2021-27103)
SSRF in Accellion fta (CVE-2021-27103). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-34473 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2021-34473)
SSRF in Microsoft exchange-server (CVE-2021-34473). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-26855 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Microsoft exchange-server (CVE-2021-26855)
SSRF in Microsoft exchange-server (CVE-2021-26855). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-21985 KEV |
|
[KEV] Vulnerability in Vmware vcenter-server (CVE-2021-21985)
vulnerability in Vmware vcenter-server (CVE-2021-21985). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-37223 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2021-37223)
SSRF in ssrf (CVE-2021-37223). Confidential information can be exposed externally.
|
| CVE-2017-17674 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-17674)
SSRF in ssrf (CVE-2017-17674). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15886 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-15886)
SSRF in ssrf (CVE-2017-15886). Confidential information can be exposed externally.
|
| CVE-2017-17697 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-17697)
SSRF in ssrf (CVE-2017-17697). Confidential information can be exposed externally.
|
| CVE-2017-16678 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-16678)
SSRF in ssrf (CVE-2017-16678). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15943 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-15943)
SSRF in ssrf (CVE-2017-15943). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-11291 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-11291)
SSRF in ssrf (CVE-2017-11291). Confidential information can be exposed externally.
|
| CVE-2017-14585 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-14585)
SSRF in ssrf (CVE-2017-14585). Successful exploitation can lead to full system takeover.
|
| CVE-2017-4928 |
|
Cross-Site Request Forgery (CSRF) in ssrf (CVE-2017-4928)
vulnerability in ssrf (CVE-2017-4928). Confidential information can be exposed externally.
|
| CVE-2017-16870 |
|
SSRF (Server-Side Request Forgery) in wordpress (CVE-2017-16870)
SSRF in wordpress (CVE-2017-16870). Successful exploitation can lead to full system takeover.
|
| CVE-2017-0889 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-0889)
SSRF in ssrf (CVE-2017-0889). Successful exploitation can lead to full system takeover.
|
| CVE-2017-0905 |
|
SSRF (Server-Side Request Forgery) in recurly (CVE-2017-0905)
SSRF in recurly (CVE-2017-0905). Successful exploitation can lead to full system takeover.
|
| CVE-2017-0906 |
|
SSRF (Server-Side Request Forgery) in recurly (CVE-2017-0906)
SSRF in recurly (CVE-2017-0906). Successful exploitation can lead to full system takeover.
|
| CVE-2017-0907 |
|
SSRF (Server-Side Request Forgery) in csharp (CVE-2017-0907)
SSRF in csharp (CVE-2017-0907). Successful exploitation can lead to full system takeover.
|