Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-34111 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Commerce and Magento Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. | 8.8 |
| 2024-06-10 | CVE-2024-36414 | Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm SuiteCRM is an open-source Customer Relationship Management (CRM) software application. | 6.5 |
| 2024-06-06 | CVE-2024-5186 | Server-Side Request Forgery (SSRF) vulnerability in Zylon Privategpt 0.5.0 A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez/privategpt version 0.5.0. | 8.6 |
| 2024-06-06 | CVE-2024-4177 | Server-Side Request Forgery (SSRF) vulnerability in Bitdefender Gravityzone A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. | 9.8 |
| 2024-06-05 | CVE-2024-20404 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. | 5.3 |
| 2024-06-05 | CVE-2024-5526 | Server-Side Request Forgery (SSRF) vulnerability in Grafana Oncall Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call management through simpler workflows and interfaces that are tailored specifically for engineers. Grafana OnCall, from version 1.1.37 before 1.5.2 are vulnerable to a Server Side Request Forgery (SSRF) vulnerability in the webhook functionallity. | 9.1 |
| 2024-06-04 | CVE-2024-36675 | Server-Side Request Forgery (SSRF) vulnerability in Lylme Spage 1.9.5 LyLme_spage v1.9.5 is vulnerable to Server-Side Request Forgery (SSRF) via the get_head function. | 9.1 |
| 2024-06-04 | CVE-2024-4219 | Server-Side Request Forgery (SSRF) vulnerability in Beyondtrust Beyondinsight 23.1 Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability. | 9.1 |
| 2024-05-22 | CVE-2024-5031 | Server-Side Request Forgery (SSRF) vulnerability in Caseproof Memberpress The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.11.29 via the 'mepr-user-file' shortcode. | 6.4 |
| 2024-05-15 | CVE-2024-3485 | Server-Side Request Forgery (SSRF) vulnerability in Microfocus Imanager Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. | 7.5 |