Export limit exceeded: 335665 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2737 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-29289 | 1 Adobe | 2 Commerce, Magento | 2025-03-05 | 6.5 Medium |
| Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an XML Injection vulnerability. An attacker with low privileges can trigger a specially crafted script to a security feature bypass. Exploitation of this issue does not require user interaction. | ||||
| CVE-2023-29291 | 1 Adobe | 2 Commerce, Magento | 2025-03-05 | 4.9 Medium |
| Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction. | ||||
| CVE-2023-29292 | 1 Adobe | 2 Commerce, Magento | 2025-03-05 | 4.9 Medium |
| Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction. | ||||
| CVE-2021-23807 | 1 Janl | 1 Jsonpointer | 2025-03-05 | 5.6 Medium |
| This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays. | ||||
| CVE-2021-36396 | 1 Moodle | 1 Moodle | 2025-03-05 | 7.5 High |
| In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk. | ||||
| CVE-2023-33838 | 1 Ibm | 1 Security Verify Governance | 2025-03-04 | 4.4 Medium |
| IBM Security Verify Governance 10.0.2 Identity Manager uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input. | ||||
| CVE-2025-25303 | 2025-03-04 | N/A | ||
| The MouseTooltipTranslator Chrome extension allows mouseover translation of any language at once. The MouseTooltipTranslator browser extension is vulnerable to SSRF attacks. The pdf.mjs script uses the URL parameter from the current URL as the file to download and display to the extension user. Because pdf.mjs is imported in viewer.html and viewer.html is accessible to all URLs, an attacker can force the user’s browser to make a request to any arbitrary URL. After discussion with maintainer, patching this issue would require disabling a major feature of the extension in exchange for a low severity vulnerability. Decision to not patch issue. | ||||
| CVE-2025-0626 | 2025-03-01 | 7.5 High | ||
| The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function also enables the network interface of the device if it is disabled. The function is triggered by attempting to update the device from the user menu. This could serve as a backdoor to the device, and could lead to a malicious actor being able to upload and overwrite files on the device. | ||||
| CVE-2024-6522 | 1 Webnus | 2 Modern Events Calendar, Modern Events Calendar Lite | 2025-03-01 | 8.5 High |
| The Modern Events Calendar plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.12.1 via the 'mec_fes_form' AJAX function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | ||||
| CVE-2023-27161 | 1 Jellyfin | 1 Jellyfin | 2025-02-28 | 7.5 High |
| Jellyfin up to v10.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /Repositories. This vulnerability allows attackers to access network resources and sensitive information via a crafted POST request. | ||||
| CVE-2023-28288 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-02-28 | 8.1 High |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2023-32052 | 1 Microsoft | 1 Power Apps | 2025-02-28 | 5.4 Medium |
| Microsoft Power Apps (online) Spoofing Vulnerability | ||||
| CVE-2023-22936 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2025-02-28 | 6.3 Medium |
| In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘search_listener’ parameter in a search allows for a blind server-side request forgery (SSRF) by an authenticated user. The initiator of the request cannot see the response without the presence of an additional vulnerability within the environment. | ||||
| CVE-2024-13695 | 1 Kriesi | 1 Enfold | 2025-02-28 | 6.4 Medium |
| The Enfold theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.0.9 via the 'attachment_id' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | ||||
| CVE-2024-1758 | 1 Superfaktura | 1 Superfaktura Woocommerce | 2025-02-27 | 5.4 Medium |
| The SuperFaktura WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.40.3 via the wc_sf_url_check function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | ||||
| CVE-2023-38207 | 1 Adobe | 1 Commerce | 2025-02-27 | 7.5 High |
| Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by a XML Injection (aka Blind XPath Injection) vulnerability that could lead in minor arbitrary file system read. Exploitation of this issue does not require user interaction. | ||||
| CVE-2023-26366 | 1 Adobe | 2 Commerce, Magento | 2025-02-27 | 6.8 Medium |
| Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privileged authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction, scope is changed due to the fact that an attacker can enforce file read outside the application's path boundary. | ||||
| CVE-2023-47121 | 1 Discourse | 1 Discourse | 2025-02-27 | 3.4 Low |
| Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, the embedding feature is susceptible to server side request forgery. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. As a workaround, disable the Embedding feature. | ||||
| CVE-2025-27090 | 1 Bishopfox | 1 Sliver | 2025-02-27 | 5.3 Medium |
| Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the operator instructed the implant to do so. The only impact that has been shown is the exposure of the server's IP address to a third party. This issue has been addressed in version 1.5.43 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2022-25777 | 1 Acquia | 1 Mautic | 2025-02-27 | 6.5 Medium |
| Prior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery (SSRF) vulnerability. | ||||