Vulnerabilities of type CWE-918

2168 results
CVE-2025-27655 [CRITICAL] Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: CPA v1 (EPSS 0.8%)
CVE-2025-27651 [CRITICAL] Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: Elatec (EPSS 0.8%)
CVE-2025-6087 [HIGH] SSRF vulnerability in opennextjs-cloudflare via /_next/image endpoint (EPSS 0.8%)
CVE-2021-22969 Concrete CMS (formerly concrete5) versions below 8.5.7 has a SSRF mitigation bypass using DNS Rebind attack giving an attacker the ability t (EPSS 0.8%)
CVE-2020-36884 [MEDIUM] BrightSign Digital Signage Diagnostic Web Server 8.2.26 Unauthenticated SSRF (EPSS 0.8%)
CVE-2023-39967 [CRITICAL] Full read and controlled SSRF through URL parameter when testing a request inside wiremock-studio (EPSS 0.8%)
CVE-2026-41105 [HIGH] Azure Monitor Action Group Notification System Elevation of Privilege Vulnerability (EPSS 0.8%)
CVE-2022-36802 [MEDIUM] The ManageJiraConnectors API in Atlassian Jira Align before version 10.109.2 allows remote attackers to exploit this issue to access interna (EPSS 0.8%)
CVE-2023-35133 [HIGH] Moodle: ssrf risk due to insufficient check on the curl blocked hosts (EPSS 0.8%)
CVE-2024-7743 [MEDIUM] wanglongcn ltcms API Endpoint downloadUrl server-side request forgery (EPSS 0.8%)
CVE-2024-7742 [MEDIUM] wanglongcn ltcms API Endpoint multiDownload server-side request forgery (EPSS 0.8%)
CVE-2024-51981 [MEDIUM] Unauthenticated Server Side Request Forgery (SSRF) via WS-Eventing affecting multiple models from Brother Industries, Ltd, FUJIFILM Business Innovation, Ricoh, and Toshiba Tec, and Konica Minolta, Inc. (EPSS 0.8%)
CVE-2023-3233 [MEDIUM] Zhong Bang CRMEB PublicController.php get_image_base64 server-side request forgery (EPSS 0.8%)
CVE-2023-49799 [HIGH] Server-Side Request Forgery in nuxt-api-party (EPSS 0.8%)
CVE-2023-25162 [MEDIUM] Nextcloud Server vulnerable to SSRF via filter bypass due to lax checking on IPs (EPSS 0.8%)
CVE-2024-0455 [CRITICAL] SSRF on AWS deployed instances of AnythingLLM via /metadata (EPSS 0.8%)
CVE-2022-40842 [CRITICAL] ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery (SSRF) via rotateimg.php. (EPSS 0.8%)
CVE-2024-23788 [CRITICAL] Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allo (EPSS 0.8%)
CVE-2021-36203 [MEDIUM] Johnson Controls Metasys SCT Pro (EPSS 0.8%)
CVE-2020-12529 [MEDIUM] An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2 There is a SSRF in the LDAP (EPSS 0.8%)