Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-05 | CVE-2024-27565 | Server-Side Request Forgery (SSRF) vulnerability in Dirk1983 Chatgpt-Wechat-Personal 20230329 A Server-Side Request Forgery (SSRF) in weixin.php of ChatGPT-wechat-personal commit a0857f6 allows attackers to force the application to make arbitrary requests. | 9.8 |
| 2024-03-03 | CVE-2022-43880 | Server-Side Request Forgery (SSRF) vulnerability in IBM Qradar Wincollect 10.0/10.0.1 IBM QRadar WinCollect Agent 10.0 through 10.1.2 could allow a privileged user to cause a denial of service. | 4.4 |
| 2024-02-28 | CVE-2024-1965 | Server-Side Request Forgery (SSRF) vulnerability in Haivision Maanager and Streamhub Server-Side Request Forgery vulnerability in Haivision's Aviwest Manager and Aviwest Steamhub. | 5.3 |
| 2024-02-28 | CVE-2024-1568 | Server-Side Request Forgery (SSRF) vulnerability in S-Sols Seraphinite Accelerator The Seraphinite Accelerator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.20.52 via the OnAdminApi_HtmlCheck function. | 6.4 |
| 2024-02-21 | CVE-2024-23654 | Server-Side Request Forgery (SSRF) vulnerability in Discourse AI discourse-ai is the AI plugin for the open-source discussion platform Discourse. | 7.2 |
| 2024-02-14 | CVE-2023-5122 | Server-Side Request Forgery (SSRF) vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 5.3 |
| 2024-02-14 | CVE-2024-23788 | Server-Side Request Forgery (SSRF) vulnerability in Sharp Jh-Rv11 Firmware and Jh-Rvb1 Firmware Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to send an arbitrary HTTP request (GET) from the affected product. | 8.1 |
| 2024-02-12 | CVE-2024-23761 | Server-Side Request Forgery (SSRF) vulnerability in Gambio 4.9.2.0 Server Side Template Injection in Gambio 4.9.2.0 allows attackers to run arbitrary code via crafted smarty email template. | 9.8 |
| 2024-02-12 | CVE-2023-6294 | Server-Side Request Forgery (SSRF) vulnerability in Sygnoos Popup Builder The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite WordPress configurations. | 7.2 |
| 2024-02-09 | CVE-2024-24829 | Server-Side Request Forgery (SSRF) vulnerability in Sentry Sentry is an error tracking and performance monitoring platform. | 5.3 |