Vulnerabilities > Server-Side Request Forgery (SSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-24 | CVE-2019-18394 | Server-Side Request Forgery (SSRF) vulnerability in Igniterealtime Openfire A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests. | 9.8 |
2019-10-23 | CVE-2019-18355 | Server-Side Request Forgery (SSRF) vulnerability in Thycotic Secret Server An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7. | 9.8 |
2019-10-21 | CVE-2019-17400 | Server-Side Request Forgery (SSRF) vulnerability in Universal Office Converter Project Universal Office Converter The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion. | 7.5 |
2019-10-17 | CVE-2019-17670 | Server-Side Request Forgery (SSRF) vulnerability in multiple products WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs. | 9.8 |
2019-10-17 | CVE-2019-17669 | Server-Side Request Forgery (SSRF) vulnerability in multiple products WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters. | 9.8 |
2019-10-14 | CVE-2019-14225 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite 7.10.1/7.10.2 OX App Suite 7.10.1 and 7.10.2 allows SSRF. | 5.4 |
2019-10-11 | CVE-2017-18638 | Server-Side Request Forgery (SSRF) vulnerability in Graphite Project Graphite send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. | 7.5 |
2019-10-09 | CVE-2019-15021 | Server-Side Request Forgery (SSRF) vulnerability in Zingbox Inspector A security vulnerability exists in the Zingbox Inspector versions 1.294 and earlier, that can allow an attacker to easily identify instances of Zingbox Inspectors in a local area network. | 5.3 |
2019-10-03 | CVE-2019-15164 | Server-Side Request Forgery (SSRF) vulnerability in Tcpdump Libpcap rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. | 5.3 |
2019-10-02 | CVE-2019-13335 | Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has SSRF. | 9.8 |