Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server-side request forgery vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-15003
OX App Suite up to and including 7.10.3 allows Information Exposure because a user can obtain the IP address and User-Agent string of a different user (via the session API during shared Drive access).
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
6.5
CVSSv2
CVE-2021-33690
Server-Side Request Forgery (SSRF) vulnerability has been detected in the SAP NetWeaver Development Infrastructure Component Build Service versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50The SAP NetWeaver Development Infrastructure Component Build Service allows a threat actor who h...
Sap Netweaver Development Infrastructure 7.11
Sap Netweaver Development Infrastructure 7.20
Sap Netweaver Development Infrastructure 7.30
Sap Netweaver Development Infrastructure 7.31
Sap Netweaver Development Infrastructure 7.40
Sap Netweaver Development Infrastructure 7.50
1 Github repository
5
CVSSv2
CVE-2021-25241
A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to locate online agents via a sweep.
Trendmicro Apex One 2019
Trendmicro Worry-free Business Security 10.0
NA
CVE-2023-38625
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an malicious user to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low...
Trendmicro Apex Central 2019
NA
CVE-2023-38626
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an malicious user to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low...
Trendmicro Apex Central 2019
NA
CVE-2023-38627
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an malicious user to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low...
Trendmicro Apex Central 2019
6.4
CVSSv2
CVE-2017-3546
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network...
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.54
1 EDB exploit
6.8
CVSSv2
CVE-2019-9853
LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categori...
Libreoffice Libreoffice
NA
CVE-2023-52331
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an malicious user to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the targe...
Trendmicro Apex Central 2019
8.3
CVSSv2
CVE-2022-22993
A limited SSRF vulnerability exists on Western Digital My Cloud devices that could allow an malicious user to impersonate a server and reach any page on the server by bypassing access controls. The vulnerability was addressed by creating a whitelist for valid parameters.
Westerndigital My Cloud Os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »