Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-26 | CVE-2023-24495 | Server-Side Request Forgery (SSRF) vulnerability in Tenable Tenable.Sc A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. | 6.5 |
2023-01-23 | CVE-2023-23560 | Server-Side Request Forgery (SSRF) vulnerability in Lexmark products In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation. | 9.8 |
2023-01-23 | CVE-2021-43449 | Server-Side Request Forgery (SSRF) vulnerability in Onlyoffice Server 7.0.0.49 ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery (SSRF). | 8.1 |
2023-01-20 | CVE-2021-37498 | Server-Side Request Forgery (SSRF) vulnerability in Reprisesoftware Reprise License Manager An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger outbound requests to intranet servers, conduct port scans via the actserver parameter in License Activation function. | 6.5 |
2023-01-20 | CVE-2023-20002 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. This vulnerability is due to improper validation of user-supplied input. | 4.4 |
2023-01-18 | CVE-2022-45926 | Server-Side Request Forgery (SSRF) vulnerability in Opentext Extended ECM An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). | 8.8 |
2023-01-13 | CVE-2023-22493 | Server-Side Request Forgery (SSRF) vulnerability in Rsshub 20210125 RSSHub is an open source RSS feed generator. | 7.5 |
2023-01-13 | CVE-2022-3841 | Server-Side Request Forgery (SSRF) vulnerability in Redhat Advanced Cluster Management for Kubernetes 2.0 RHACM: unauthenticated SSRF in console API endpoint. | 7.8 |
2023-01-12 | CVE-2022-25026 | Server-Side Request Forgery (SSRF) vulnerability in Rocketsoftware Trufusion Enterprise A Server-Side Request Forgery (SSRF) in Rocket TRUfusion Portal v7.9.2.1 allows remote attackers to gain access to sensitive resources on the internal network via a crafted HTTP request to /trufusionPortal/upDwModuleProxy. | 7.5 |
2023-01-03 | CVE-2022-39039 | Server-Side Request Forgery (SSRF) vulnerability in Aenrich A+Hrd 6.8/7.0 aEnrich’s a+HRD has inadequate filtering for specific URL parameter. | 9.8 |