Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-918 (服务端请求伪造(SSRF)) — Vulnerability Class 1481

1481 vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-22936 Authenticated Blind Server Side Request Forgery via the ‘search_listener’ Search Parameter in Splunk Enterprise — Splunk Enterprise 6.3 Medium2023-02-14
CVE-2023-25162 Nextcloud Server vulnerable to SSRF via filter bypass due to lax checking on IPs — security-advisories 5.3 Medium2023-02-13
CVE-2023-25557 Server-Side Request Forgery in DataHub — datahub 7.5 High2023-02-10
CVE-2023-0574 Server-Side Request Forgery — YugabyteDB Anywhere 6.8 Medium2023-02-09
CVE-2022-45085 Server-Side Request Forgery in Smartpower Web — Smartpower Web 6.5 Medium2023-02-08
CVE-2023-23943 Blind SSRF via server URL input in the Nextcloud Mail app — security-advisories 5.0 Medium2023-02-06
CVE-2023-20002 Cisco TelePresence Collaboration Endpoint Software 代码问题漏洞 — Cisco RoomOS Software 4.4 Medium2023-01-19
CVE-2023-22493 RSSHub is vulnerable to SSRF (Server-Side Request Forgery) — RSSHub 8.8 High2023-01-13
CVE-2023-21761 Microsoft Exchange Server Information Disclosure Vulnerability — Microsoft Exchange Server 2016 Cumulative Update 23 7.5 High2023-01-10
CVE-2022-39039 aEnrich a+HRD - Server-Side Request Forgery (SSRF) — a+HRD 9.8 Critical2023-01-03
CVE-2017-20157 Ariadne Component Library Url.php server-side request forgery — Component Library 5.5 Medium2022-12-31
CVE-2022-38203 The allowedProxyHosts property is not fully honored in ArcGIS Enterprise (10.8.1 and 10.7.1 only) — Portal for ArcGIS 7.5 High2022-12-30
CVE-2022-38211 Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS (10.9.1, 10.8.1 and 10.7.1 only) — ArcGIS Enterprise 7.5 High2022-12-30
CVE-2022-38212 Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS (10.8.1 and 10.7.1 only) — ArcGIS Enterprise 7.5 High2022-12-30
CVE-2022-23544 Server-Side Request Forgery in Metersphere leads to Cross-Site Scripting — metersphere 7.2 High2022-12-27
CVE-2022-4725 AWS SDK XML Parser XpathUtils.java XpathUtils server-side request forgery — AWS SDK 5.5 Medium2022-12-24
CVE-2022-3189 Dataprobe iBoot-PDU 代码问题漏洞 — iBoot-PDU FW 5.3 Medium2022-12-21
CVE-2022-38708 IBM Cognos Analytics server-side request forgery — Cognos Analytics 6.5 Medium2022-12-19
CVE-2022-42343 Adobe Campaign Classic Server-Side Request Forgery Arbitrary file system read — Adobe Campaign Classic (ACC) 6.5 Medium2022-12-19
CVE-2022-46364 Apache CXF SSRF Vulnerability — Apache CXF 9.1 -2022-12-13
CVE-2022-41949 Semi-blind Server-Side Request Forgery in dhis2-core — dhis2-core 5.0 Medium2022-12-08
CVE-2022-46830 JetBrains TeamCity 代码问题漏洞 — TeamCity 4.1 Medium2022-12-08
CVE-2022-45152 Moodle 代码问题漏洞 — Moodle 9.1 -2022-11-25
CVE-2022-4096 Server-Side Request Forgery (SSRF) in appsmithorg/appsmith — appsmithorg/appsmith 6.5 -2022-11-21
CVE-2022-41609 WordPress Better Messages plugin <= 1.9.10.68 - Server-Side Request Forgery (SSRF) vulnerability — Better Messages (WordPress plugin) 6.4 Medium2022-11-18
CVE-2022-42894 Siemens syngo Dynamics 代码问题漏洞 — syngo Dynamics 7.5 -2022-11-17
CVE-2022-39383 SSRF vulnerability in KubeVela VelaUX APIServer — kubevela 4.9 Medium2022-11-16
CVE-2022-41906 OpenSearch Notifications is vulnerable to Server-Side Request Forgery (SSRF) — notifications 8.7 -2022-11-11
CVE-2022-42494 WordPress All in One SEO Pro plugin <= 4.2.5.1 - Server Side Request Forgery (SSRF) vulnerability — All in One SEO Pro (WordPress plugin) 3.0 Low2022-11-08
CVE-2022-20951 Cisco BroadWorks CommPilot 代码问题漏洞 — Cisco BroadWorks 7.7 High2022-11-03

Vulnerabilities classified as CWE-918 (服务端请求伪造(SSRF)) represent 1481 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.