Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-23 | CVE-2021-21993 | Server-Side Request Forgery (SSRF) vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. | 4.0 |
2021-09-22 | CVE-2021-39339 | Server-Side Request Forgery (SSRF) vulnerability in Telefication The Telefication WordPress plugin is vulnerable to Open Proxy and Server-Side Request Forgery via the ~/bypass.php file due to a user-supplied URL request value that gets called by a curl requests. | 5.0 |
2021-09-21 | CVE-2021-37419 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Admanager Plus 6.1 Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to SSRF. | 5.0 |
2021-09-16 | CVE-2021-40438 | Server-Side Request Forgery (SSRF) vulnerability in multiple products A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. | 9.0 |
2021-09-15 | CVE-2021-33690 | Server-Side Request Forgery (SSRF) vulnerability in SAP Netweaver Development Infrastructure Server-Side Request Forgery (SSRF) vulnerability has been detected in the SAP NetWeaver Development Infrastructure Component Build Service versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50The SAP NetWeaver Development Infrastructure Component Build Service allows a threat actor who has access to the server to perform proxy attacks on server by sending crafted queries. | 6.5 |
2021-09-15 | CVE-2021-33705 | Server-Side Request Forgery (SSRF) vulnerability in SAP Netweaver Portal The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated attacker to craft a malicious URL which when clicked by a user can make any type of request (e.g. | 5.8 |
2021-09-15 | CVE-2020-21122 | Server-Side Request Forgery (SSRF) vulnerability in Ureport Project Ureport 2.2.9 UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports. | 5.0 |
2021-09-14 | CVE-2021-23029 | Server-Side Request Forgery (SSRF) vulnerability in F5 products On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users with guest privileges to perform Server-Side Request Forgery (SSRF) attacks through F5 Advanced Web Application Firewall (WAF) and the BIG-IP ASM Configuration utility. | 6.5 |
2021-09-09 | CVE-2021-28910 | Server-Side Request Forgery (SSRF) vulnerability in Bab-Technologie Eibport Firmware 3.8.2/3.8.3 BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 contains basic SSRF vulnerability. | 5.0 |
2021-09-08 | CVE-2021-40537 | Server-Side Request Forgery (SSRF) vulnerability in Owncloud User Ldap Server Side Request Forgery (SSRF) vulnerability exists in owncloud/user_ldap < 0.15.4 in the settings of the user_ldap app. | 4.0 |