Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-12 | CVE-2022-25026 | Server-Side Request Forgery (SSRF) vulnerability in Rocketsoftware Trufusion Enterprise A Server-Side Request Forgery (SSRF) in Rocket TRUfusion Portal v7.9.2.1 allows remote attackers to gain access to sensitive resources on the internal network via a crafted HTTP request to /trufusionPortal/upDwModuleProxy. | 7.5 |
| 2023-01-01 | CVE-2022-45027 | Server-Side Request Forgery (SSRF) vulnerability in Perfsonar perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address. | 5.3 |
| 2022-12-29 | CVE-2022-38203 | Server-Side Request Forgery (SSRF) vulnerability in Esri Portal for Arcgis Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeration or reading from hosts inside the network perimeter, a different issue than CVE-2022-38211 and CVE-2022-38212. | 7.5 |
| 2022-12-28 | CVE-2022-23544 | Server-Side Request Forgery (SSRF) vulnerability in Metersphere MeterSphere is a one-stop open source continuous testing platform, covering test management, interface testing, UI testing and performance testing. | 6.1 |
| 2022-12-27 | CVE-2022-45429 | Server-Side Request Forgery (SSRF) vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of server-side request forgery (SSRF). | 7.5 |
| 2022-12-26 | CVE-2022-37313 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite OX App Suite through 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks the first DNS AA or AAAA record. | 5.3 |
| 2022-12-21 | CVE-2022-47635 | Server-Side Request Forgery (SSRF) vulnerability in Wildix WMS 4.0/5.0/6.0 Wildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23 allows Server-side request forgery (SSRF) via ZohoClient.php. | 9.8 |
| 2022-12-19 | CVE-2022-38708 | Server-Side Request Forgery (SSRF) vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.1.7 11.2.0, and 11.2.1 could be vulnerable to a Server-Side Request Forgery Attack (SSRF) attack by constructing URLs from user-controlled data. | 9.1 |
| 2022-12-08 | CVE-2022-46830 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Teamcity 2022.10/2022.10.1 In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning. | 5.3 |
| 2022-12-04 | CVE-2022-35508 | Server-Side Request Forgery (SSRF) vulnerability in Proxmox products Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when proxying HTTP requests between pve(pmg)proxy and pve(pmg)daemon. | 9.8 |