Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssrf vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-5752
The backend component in Open-Xchange OX App Suite prior to 7.6.3-rev36, 7.8.x prior to 7.8.2-rev39, 7.8.3 prior to 7.8.3-rev44, and 7.8.4 prior to 7.8.4-rev22 allows remote malicious users to conduct server-side request forgery (SSRF) attacks via vectors involving non-decimal re...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite
1 EDB exploit
5.4
CVSSv3
CVE-2018-5754
Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite prior to 7.8.3-rev12 and 7.8.4 prior to 7.8.4-rev9 allows remote malicious users to inject arbitrary web script or HTML via a crafted presentation file, related to copying content to...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite
1 EDB exploit
4.3
CVSSv3
CVE-2018-5756
The backend component in Open-Xchange OX App Suite prior to 7.6.3-rev36, 7.8.x prior to 7.8.2-rev39, 7.8.3 prior to 7.8.3-rev44, and 7.8.4 prior to 7.8.4-rev22 does not properly check for folder-to-object association, which allows remote authenticated users to delete arbitrary ta...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite 7.8.2
1 EDB exploit
5.3
CVSSv3
CVE-2020-26811
SAP Commerce Cloud (Accelerator Payment Mock), versions - 1808, 1811, 1905, 2005, allows an unauthenticated malicious user to submit a crafted request over a network to a particular SAP Commerce module URL which will be processed without further interaction, the crafted request l...
Sap Commerce Cloud \\(accelerator Payment Mock\\) 1808
Sap Commerce Cloud \\(accelerator Payment Mock\\) 1811
Sap Commerce Cloud \\(accelerator Payment Mock\\) 1905
Sap Commerce Cloud \\(accelerator Payment Mock\\) 2005
6.5
CVSSv3
CVE-2018-5751
The backend component in Open-Xchange OX App Suite prior to 7.6.3-rev36, 7.8.x prior to 7.8.2-rev39, 7.8.3 prior to 7.8.3-rev44, and 7.8.4 prior to 7.8.4-rev22 allows remote authenticated users to obtain sensitive information about external guest users via vectors related to the ...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.0
1 EDB exploit
6.5
CVSSv3
CVE-2018-5753
The frontend component in Open-Xchange OX App Suite prior to 7.6.3-rev31, 7.8.x prior to 7.8.2-rev31, 7.8.3 prior to 7.8.3-rev41, and 7.8.4 prior to 7.8.4-rev20 allows remote malicious users to spoof the origin of e-mails via unicode characters in the "personal part" of...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite
1 EDB exploit
5.5
CVSSv3
CVE-2018-5755
Absolute path traversal vulnerability in the readerengine component in Open-Xchange OX App Suite prior to 7.6.3-rev3, 7.8.x prior to 7.8.2-rev4, 7.8.3 prior to 7.8.3-rev5, and 7.8.4 prior to 7.8.4-rev4 allows remote malicious users to read arbitrary files via a full pathname in a...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite
1 EDB exploit
7.5
CVSSv3
CVE-2023-44313
Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests.This issue affects Apache ServiceComb prior to 2.1.0(include). Users are recommended to upgrade to version 2...
Apache Servicecomb
5.3
CVSSv3
CVE-2020-17513
In Apache Airflow versions before 1.10.13, the Charts and Query View of the old (Flask-admin based) UI were vulnerable for SSRF attack.
Apache Airflow
7.5
CVSSv3
CVE-2021-21975
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) before 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.
Vmware Vrealize Operations Manager 7.0.0
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager 8.0.0
Vmware Vrealize Operations Manager 8.0.1
Vmware Vrealize Operations Manager 8.1.0
Vmware Vrealize Operations Manager 8.1.1
Vmware Vrealize Operations Manager 8.2.0
Vmware Vrealize Operations Manager 8.3.0
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
Vmware Cloud Foundation 3.7.2
Vmware Cloud Foundation 3.8
Vmware Cloud Foundation 3.8.1
Vmware Cloud Foundation 3.9
Vmware Cloud Foundation 3.9.1
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.0
1 Metasploit module
13 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »