Total
1279 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-1037 | 1 Villatheme | 1 Exmage | 2024-08-02 | 7.2 High |
The EXMAGE WordPress plugin before 1.0.7 does not ensure that images added via URLs are external images, which could lead to a blind SSRF issue by using local URLs | ||||
CVE-2022-0939 | 1 Calibre-web Project | 1 Calibre-web | 2024-08-02 | 9.9 Critical |
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. | ||||
CVE-2022-0990 | 1 Calibre-web Project | 1 Calibre-web | 2024-08-02 | 9.1 Critical |
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. | ||||
CVE-2022-0870 | 1 Gogs | 1 Gogs | 2024-08-02 | 5.3 Medium |
Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5. | ||||
CVE-2022-0768 | 1 Alltubedownload | 1 Alltube | 2024-08-02 | 9.1 Critical |
Server-Side Request Forgery (SSRF) in GitHub repository rudloff/alltube prior to 3.0.2. | ||||
CVE-2022-0766 | 1 Calibre-web Project | 1 Calibre-web | 2024-08-02 | 9.8 Critical |
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17. | ||||
CVE-2022-0767 | 1 Calibre-web Project | 1 Calibre-web | 2024-08-02 | 9.9 Critical |
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17. | ||||
CVE-2022-0671 | 1 Redhat | 1 Vscode-xml | 2024-08-02 | 9.1 Critical |
A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file. | ||||
CVE-2022-0508 | 1 Framasoft | 1 Peertube | 2024-08-02 | 5.3 Medium |
Server-Side Request Forgery (SSRF) in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832 | ||||
CVE-2022-0528 | 1 Transloadit | 1 Uppy | 2024-08-02 | 6.5 Medium |
Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1. | ||||
CVE-2022-0591 | 1 Subtlewebinc | 1 Formcraft3 | 2024-08-02 | 9.1 Critical |
The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users | ||||
CVE-2022-0425 | 1 Gitlab | 1 Gitlab | 2024-08-02 | 5.4 Medium |
A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE since version 7.9 allows an attacker to trigger Server Side Request Forgery (SSRF) attacks. | ||||
CVE-2022-0339 | 1 Calibre-web Project | 1 Calibre-web | 2024-08-02 | 9.8 Critical |
Server-Side Request Forgery (SSRF) in Pypi calibreweb prior to 0.6.16. | ||||
CVE-2022-0249 | 1 Gitlab | 1 Gitlab | 2024-08-02 | 3.1 Low |
A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked. | ||||
CVE-2022-0132 | 1 Framasoft | 1 Peertube | 2024-08-02 | 7.5 High |
peertube is vulnerable to Server-Side Request Forgery (SSRF) | ||||
CVE-2022-0136 | 1 Gitlab | 1 Gitlab | 2024-08-02 | 5.4 Medium |
A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1. GitLab was vulnerable to a blind SSRF attack through the Project Import feature. | ||||
CVE-2022-0085 | 1 Dompdf Project | 1 Dompdf | 2024-08-02 | 5.3 Medium |
Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf prior to 2.0.0. | ||||
CVE-2022-0086 | 1 Transloadit | 1 Uppy | 2024-08-02 | 9.8 Critical |
uppy is vulnerable to Server-Side Request Forgery (SSRF) | ||||
CVE-2023-51441 | 1 Apache | 1 Axis | 2024-08-02 | 7.2 High |
** UNSUPPORTED WHEN ASSIGNED ** Improper Input Validation vulnerability in Apache Axis allowed users with access to the admin service to perform possible SSRF. This issue affects Apache Axis: through 1.3. As Axis 1 has been EOL, we recommend you migrate to a different SOAP engine, such as Apache Axis 2/Java. Alternatively, you could use a build of Axis with the patch from https://github.com/apache/axis-axis1-java/commit/685c309febc64aa393b2d64a05f90e7eb9f73e06 applied. The Apache Axis project does not expect to create an Axis 1.x release fixing this problem, though contributors that would like to work towards this are welcome. | ||||
CVE-2023-52331 | 1 Trendmicro | 1 Apex Central | 2024-08-02 | 7.1 High |
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |