Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-11 | CVE-2019-18379 | Server-Side Request Forgery (SSRF) vulnerability in Symantec Messaging Gateway Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface. | 7.3 |
| 2019-11-13 | CVE-2019-16948 | Server-Side Request Forgery (SSRF) vulnerability in Enghouse web Chat 6.1.300.31 An SSRF issue was discovered in Enghouse Web Chat 6.1.300.31. | 9.8 |
| 2019-11-06 | CVE-2019-8156 | Server-Side Request Forgery (SSRF) vulnerability in Magento A server-side request forgery (SSRF) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 7.2 |
| 2019-11-06 | CVE-2019-8151 | Server-Side Request Forgery (SSRF) vulnerability in Magento A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 7.2 |
| 2019-10-24 | CVE-2019-18394 | Server-Side Request Forgery (SSRF) vulnerability in Igniterealtime Openfire A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests. | 9.8 |
| 2019-10-23 | CVE-2019-18355 | Server-Side Request Forgery (SSRF) vulnerability in Thycotic Secret Server An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7. | 9.8 |
| 2019-10-21 | CVE-2019-17400 | Server-Side Request Forgery (SSRF) vulnerability in Universal Office Converter Project Universal Office Converter The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion. | 7.5 |
| 2019-10-17 | CVE-2019-17670 | Server-Side Request Forgery (SSRF) vulnerability in multiple products WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows paths are mishandled during certain validation of relative URLs. | 9.8 |
| 2019-10-17 | CVE-2019-17669 | Server-Side Request Forgery (SSRF) vulnerability in multiple products WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because URL validation does not consider the interpretation of a name as a series of hex characters. | 9.8 |
| 2019-10-14 | CVE-2019-14225 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite 7.10.1/7.10.2 OX App Suite 7.10.1 and 7.10.2 allows SSRF. | 5.4 |