Total
1279 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-26459 | 1 Sap | 1 Netweaver Application Server Abap | 2024-08-02 | 7.4 High |
| Due to improper input controls In SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, an attacker authenticated as a non-administrative user can craft a request which will trigger the application server to send a request to an arbitrary URL which can reveal, modify or make unavailable non-sensitive information, leading to low impact on Confidentiality, Integrity and Availability. | ||||
| CVE-2023-26438 | 1 Open-xchange | 1 Open-xchange Appsuite Backend | 2024-08-02 | 4.3 Medium |
| External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use (TOCTOU) weakness, involving the JDK DNS cache. Attackers that were timing DNS cache expiry correctly were able to inject configuration that would bypass existing network deny-lists. Attackers could exploit this weakness to discover the existence of restricted network infrastructure and service availability. Improvements were made to include deny-lists not only during the check of the provided connection data, but also during use. No publicly available exploits are known. | ||||
| CVE-2023-26431 | 1 Open-xchange | 1 Open-xchange Appsuite Backend | 2024-08-02 | 5 Medium |
| IPv4-mapped IPv6 addresses did not get recognized as "local" by the code and a connection attempt is made. Attackers with access to user accounts could use this to bypass existing deny-list functionality and trigger requests to restricted network infrastructure to gain insight about topology and running services. We now respect possible IPV4-mapped IPv6 addresses when checking if contained in a deny-list. No publicly available exploits are known. | ||||
| CVE-2023-26435 | 1 Open-xchange | 1 Open-xchange Appsuite Backend | 2024-08-02 | 5 Medium |
| It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers could discover restricted network topology and services as well as including local files with read permissions of the open-xchange system user. This was limited to specific file-types, like images. We have improved existing content filters and validators to avoid including any local resources. No publicly available exploits are known. | ||||
| CVE-2023-26366 | 1 Adobe | 2 Commerce, Magento | 2024-08-02 | 6.8 Medium |
| Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privileged authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction, scope is changed due to the fact that an attacker can enforce file read outside the application's path boundary. | ||||
| CVE-2023-26442 | 1 Open-xchange | 1 Open-xchange Appsuite Office | 2024-08-02 | 3.2 Low |
| In case Cacheservice was configured to use a sproxyd object-storage backend, it would follow HTTP redirects issued by that backend. An attacker with access to a local or restricted network with the capability to intercept and replay HTTP requests to sproxyd (or who is in control of the sproxyd service) could perform a server-side request-forgery attack and make Cacheservice connect to unexpected resources. We have disabled the ability to follow HTTP redirects when connecting to sproxyd resources. No publicly available exploits are known. | ||||
| CVE-2023-25557 | 1 Datahub Project | 1 Datahub | 2024-08-02 | 7.5 High |
| DataHub is an open-source metadata platform. The DataHub frontend acts as a proxy able to forward any REST or GraphQL requests to the backend. The goal of this proxy is to perform authentication if needed and forward HTTP requests to the DataHub Metadata Store (GMS). It has been discovered that the proxy does not adequately construct the URL when forwarding data to GMS, allowing external users to reroute requests from the DataHub Frontend to any arbitrary hosts. As a result attackers may be able to reroute a request from originating from the frontend proxy to any other server and return the result. This vulnerability was discovered and reported by the GitHub Security lab and is tracked as GHSL-2022-076. | ||||
| CVE-2023-25262 | 1 Stimulsoft | 1 Designer | 2024-08-02 | 7.5 High |
| Stimulsoft GmbH Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Server Side Request Forgery (SSRF). TThe Reporting Designer (Web) offers the possibility to embed sources from external locations. If the user chooses an external location, the request to that resource is performed by the server rather than the client. Therefore, the server causes outbound traffic and potentially imports data. An attacker may also leverage this behaviour to exfiltrate data of machines on the internal network of the server hosting the Stimulsoft Reporting Designer (Web). | ||||
| CVE-2023-25230 | 1 Loonflow Project | 1 Loonflow | 2024-08-02 | 4.9 Medium |
| A Server-Side Request Forgery (SSRF) in loonflow r2.0.14 allows attackers to force the application to make arbitrary requests via manipulation of the hook_url parameter. | ||||
| CVE-2023-25162 | 1 Nextcloud | 1 Nextcloud Server | 2024-08-02 | 5.3 Medium |
| Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to 24.0.8 and 23.0.12 and Nextcloud Enterprise server prior to 24.0.8 and 23.0.12 are vulnerable to server-side request forgery (SSRF). Attackers can leverage enclosed alphanumeric payloads to bypass IP filters and gain SSRF, which would allow an attacker to read crucial metadata if the server is hosted on the AWS platform. Nextcloud Server 24.0.8 and 23.0.2 and Nextcloud Enterprise Server 24.0.8 and 23.0.12 contain a patch for this issue. No known workarounds are available. | ||||
| CVE-2023-24954 | 1 Microsoft | 14 Sharepoint Enterprise Server, Sharepoint Server, Windows 10 1507 and 11 more | 2024-08-02 | 6.5 Medium |
| Microsoft SharePoint Server Information Disclosure Vulnerability | ||||
| CVE-2023-24622 | 1 Includesecurity | 1 Safeurl-python | 2024-08-02 | 5.3 Medium |
| isInList in the safeurl-python package before 1.2 for Python has an insufficiently restrictive regular expression for external domains, leading to SSRF. | ||||
| CVE-2023-24623 | 1 Paranoidhttp Project | 1 Paranoidhttp | 2024-08-02 | 7.5 High |
| Paranoidhttp before 0.3.0 allows SSRF because [::] is equivalent to the 127.0.0.1 address, but does not match the filter for private addresses. | ||||
| CVE-2023-24495 | 1 Tenable | 1 Tenable.sc | 2024-08-02 | 6.5 Medium |
| A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly. | ||||
| CVE-2023-24243 | 1 Cdata | 1 Arc | 2024-08-02 | 7.5 High |
| CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF). | ||||
| CVE-2023-24060 | 1 Havenweb | 1 Haven | 2024-08-02 | 5.0 Medium |
| Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. Authenticated users with the ability to create new RSS Feeds or add RSS Feeds can supply an arbitrary hostname (or even the hostname of the Haven server itself). NOTE: this product has significant usage but does not have numbered releases; ordinary end users may typically use the master branch. | ||||
| CVE-2023-23955 | 1 Broadcom | 2 Advanced Secure Gateway, Content Analysis | 2024-08-02 | 8.1 High |
| Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Server-Side Request Forgery vulnerability. | ||||
| CVE-2023-23943 | 1 Nextcloud | 1 Mail | 2024-08-02 | 5 Medium |
| Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. The only known workaround for this issue is to completely disable the nextcloud mail app. | ||||
| CVE-2023-23684 | 1 Wpengine | 1 Wpgraphql | 2024-08-02 | 4.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in WPGraphQL.This issue affects WPGraphQL: from n/a through 1.14.5. | ||||
| CVE-2023-23560 | 1 Lexmark | 256 B2236, B2236 Firmware, B2338 and 253 more | 2024-08-02 | 9.8 Critical |
| In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input validation. | ||||