Vulnerabilities > Server-Side Request Forgery (SSRF)

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-12	CVE-2020-11980	Server-Side Request Forgery (SSRF) vulnerability in Apache Karaf In Karaf, JMX authentication takes place using JAAS and authorization takes place using ACL files. network low complexity apache CWE-918	6.3
2020-06-12	CVE-2020-9645	Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery (ssrf) vulnerability. network low complexity adobe CWE-918	7.5
2020-06-12	CVE-2020-9643	Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. network low complexity adobe CWE-918	7.5
2020-06-11	CVE-2020-12725	Server-Side Request Forgery (SSRF) vulnerability in Redash Havoc Research discovered an authenticated Server-Side Request Forgery (SSRF) via the "JSON" data source of Redash open-source 8.0.0 and prior. network low complexity redash CWE-918	7.2
2020-06-11	CVE-2020-4101	Server-Side Request Forgery (SSRF) vulnerability in Hcltech HCL Digital Experience 8.5/9.0/9.5 "HCL Digital Experience is susceptible to Server Side Request Forgery." network low complexity hcltech CWE-918 critical	9.8
2020-06-10	CVE-2020-6275	Server-Side Request Forgery (SSRF) vulnerability in SAP Netweaver Application Server Abap SAP Netweaver AS ABAP, versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, are vulnerable for Server Side Request Forgery Attack where in an attacker can use inappropriate path names containing malicious server names in the import/export of sessions functionality and coerce the web server into authenticating with the malicious server. network low complexity sap CWE-918 critical	9.8
2020-06-08	CVE-2020-4529	Server-Side Request Forgery (SSRF) vulnerability in IBM Maximo Asset Management 7.6.0.0/7.6.1.0 IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to server side request forgery (SSRF). network low complexity ibm CWE-918	7.4
2020-06-05	CVE-2020-8555	Server-Side Request Forgery (SSRF) vulnerability in multiple products The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services). network high complexity kubernetes fedoraproject CWE-918	6.3
2020-06-03	CVE-2020-13379	Server-Side Request Forgery (SSRF) vulnerability in multiple products The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. network low complexity grafana fedoraproject netapp opensuse CWE-918	8.2
2020-06-01	CVE-2014-8943	Server-Side Request Forgery (SSRF) vulnerability in Piwigo Lexiglot Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter. network low complexity piwigo CWE-918	8.8