Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-22 | CVE-2023-46303 | Server-Side Request Forgery (SSRF) vulnerability in Calibre-Ebook Calibre link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root. | 7.5 |
| 2023-10-20 | CVE-2023-44256 | Server-Side Request Forgery (SSRF) vulnerability in Fortinet Fortianalyzer and Fortimanager A server-side request forgery vulnerability [CWE-918] in Fortinet FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2.3 and before 7.0.8 and FortiManager version 7.4.0, version 7.2.0 through 7.2.3 and before 7.0.8 allows a remote attacker with low privileges to view sensitive data from internal servers or perform a local port scan via a crafted HTTP request. | 6.5 |
| 2023-10-19 | CVE-2023-41899 | Server-Side Request Forgery (SSRF) vulnerability in Home-Assistant Home assistant is an open source home automation. | 7.2 |
| 2023-10-19 | CVE-2023-45822 | Server-Side Request Forgery (SSRF) vulnerability in Artifacthub HUB Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. | 5.3 |
| 2023-10-19 | CVE-2023-25753 | Server-Side Request Forgery (SSRF) vulnerability in Apache Shenyu 2.5.1 There exists an SSRF (Server-Side Request Forgery) vulnerability located at the /sandbox/proxyGateway endpoint. | 6.5 |
| 2023-10-19 | CVE-2023-46229 | Server-Side Request Forgery (SSRF) vulnerability in Langchain LangChain before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server. | 8.8 |
| 2023-10-17 | CVE-2023-45152 | Server-Side Request Forgery (SSRF) vulnerability in Engelsystem Engelsystem is a shift planning system for chaos events. | 2.3 |
| 2023-10-09 | CVE-2023-39854 | Server-Side Request Forgery (SSRF) vulnerability in ATX Ucrypt 3.5 The web interface of ATX Ucrypt through 3.5 allows authenticated users (or attackers using default credentials for the admin, master, or user account) to include files via a URL in the /hydra/view/get_cc_url url parameter. | 6.5 |
| 2023-10-06 | CVE-2023-44384 | Server-Side Request Forgery (SSRF) vulnerability in Discourse Jira 20231001 Discourse-jira is a Discourse plugin allows Jira projects, issue types, fields and field options will be synced automatically. | 4.1 |
| 2023-10-02 | CVE-2023-3744 | Server-Side Request Forgery (SSRF) vulnerability in Slims Senayan Library Management System 9.6.0 Server-Side Request Forgery vulnerability in SLims version 9.6.0. | 8.8 |