Vulnerabilities of type CWE-918
2157 results

CVE | Severity | Description | EPSS
CVE-2024-27620 | HIGH | An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote attacker to obtain sensitive information via a crafted request to the API. | EPSS 2.7%
CVE-2025-29972 | CRITICAL | Azure Storage Resource Provider Spoofing Vulnerability | EPSS 2.6%
CVE-2017-0906 | — | The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vu | EPSS 2.6%
CVE-2017-0907 | — | The Recurly Client .NET Library before 1.0.1, 1.1.10, 1.2.8, 1.3.2, 1.4.14, 1.5.3, 1.6.2, 1.7.1, 1.8.1 is vulnerable to a Server-Side Reques | EPSS 2.6%
CVE-2017-0905 | — | The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerabl | EPSS 2.6%
CVE-2021-27738 | — | Improper Access Control to Streaming Coordinator & SSRF | EPSS 2.6%
CVE-2024-6095 | MEDIUM | SSRF and Partial LFI in /models/apply Endpoint in mudler/localai | EPSS 2.5%
CVE-2022-3172 | MEDIUM | Kubernetes - API server - Aggregated API server can cause clients to be redirected (SSRF) | EPSS 2.5%
CVE-2024-32987 | HIGH | Microsoft SharePoint Server Information Disclosure Vulnerability | EPSS 2.4%
CVE-2025-57822 | MEDIUM | Next.js Improper Middleware Redirect Handling Leads to SSRF | EPSS 2.3%
CVE-2026-31829 | HIGH | Flowise affected by Server-Side Request Forgery (SSRF) in HTTP Node Leading to Internal Network Access | EPSS 2.3%
CVE-2022-2756 | HIGH | Server-Side Request Forgery (SSRF) in kareadita/kavita | EPSS 2.3%
CVE-2024-52606 | LOW | SolarWinds Platform Server-Side Request Forgery Vulnerability | EPSS 2.3%
CVE-2023-30019 | MEDIUM | imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter. | EPSS 2.2%
CVE-2022-42149 | CRITICAL | kkFileView 4.0 is vulnerable to Server-side request forgery (SSRF) via controller\OnlinePreviewController.java. | EPSS 2.2%
CVE-2024-38514 | HIGH | NextChat Server-Side Request Forgery (SSRF) | EPSS 2.2%
CVE-2022-41704 | HIGH | Apache Batik prior to 1.16 allows RCE when loading untrusted SVG input | EPSS 2.1%
CVE-2022-38398 | — | Server-Side Request Forgery Information Disclosure Vulnerability | EPSS 2.1%
CVE-2019-7616 | — | Kibana versions before 6.8.2 and 7.2.1 contain a server side request forgery (SSRF) flaw in the graphite integration for Timelion visualizer | EPSS 2.1%
CVE-2019-1679 | MEDIUM | Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server REST API Server-Side Request Forgery Vulnerability | EPSS 2.1%