Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-16 | CVE-2019-14476 | Server-Side Request Forgery (SSRF) vulnerability in Adremsoft Netcrunch 10.6.0.4587 AdRem NetCrunch 10.6.0.4587 has a Server-Side Request Forgery (SSRF) vulnerability in the NetCrunch server. | 4.0 |
2020-12-16 | CVE-2020-26258 | Server-Side Request Forgery (SSRF) vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 7.7 |
2020-12-15 | CVE-2020-10770 | Server-Side Request Forgery (SSRF) vulnerability in Redhat Keycloak A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. | 5.3 |
2020-12-14 | CVE-2020-17513 | Server-Side Request Forgery (SSRF) vulnerability in Apache Airflow In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old (Flask-admin based) UI were vulnerable for SSRF attack. | 5.0 |
2020-12-10 | CVE-2020-24444 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Forms Add-On 6.4.8.2/6.5.6.0 AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability. | 5.0 |
2020-11-30 | CVE-2020-28978 | Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0 The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. | 5.0 |
2020-11-30 | CVE-2020-28977 | Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0 The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. | 5.0 |
2020-11-30 | CVE-2020-28976 | Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0 The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. | 5.0 |
2020-11-24 | CVE-2020-24815 | Server-Side Request Forgery (SSRF) vulnerability in Microstrategy 10.4/2019/2020 A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a dossier/dashboard document. | 4.0 |
2020-11-23 | CVE-2020-28360 | Server-Side Request Forgery (SSRF) vulnerability in Private-Ip Project Private-Ip Insufficient RegEx in private-ip npm package v1.0.5 and below insufficiently filters reserved IP ranges resulting in indeterminate SSRF. | 7.5 |