Falhas do tipo CWE-918
2.172 resultadosCVE-2024-5917LOWPAN-OS: Server-Side Request Forgery in WildFireEPSS 0.5%CVE-2026-26801HIGHServer-Side Request Forgery (SSRF) vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitiveEPSS 0.5%CVE-2025-1211MEDIUMVersions of the package hackney before 1.21.0 are vulnerable to Server-side Request Forgery (SSRF) due to improper parsing of URLs by URI buEPSS 0.5%CVE-2023-24060MEDIUMHaven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality. Authenticated users with the ability to creaEPSS 0.5%CVE-2026-47358CRITICALTerrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via external URL resolution in uploaded IaC templates when EPSS 0.5%CVE-2025-0480MEDIUMwuzhicms config.php test server-side request forgeryEPSS 0.5%CVE-2024-5014HIGHWhatsUp Gold GetASPReport Server-Side Request Forgery Information DisclosureEPSS 0.5%CVE-2024-7330MEDIUMYouDianCMS ydLib.php curl_exec server-side request forgeryEPSS 0.5%CVE-2024-37359HIGHHitachi Vantara Pentaho Business Analytics Server – Server Side Request ForgeryEPSS 0.5%CVE-2024-12867HIGHServer-Side Request Forgery in Arctic Hub URL Mapper allows an unauthenticated remote attacker to exfiltrate and modify configurations and dataEPSS 0.5%CVE-2023-23955HIGHAdvanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to a Server-Side Request Forgery vulnerabilityEPSS 0.5%CVE-2024-23330MEDIUMTuta loads images from external resourcesEPSS 0.5%CVE-2026-34577HIGHPostiz: Unauthenticated Full-Read SSRF via /public/stream Endpoint with Trivially Bypassable Extension CheckEPSS 0.5%CVE-2024-9309CRITICALSSRF in POST /worker_generate_stream API endpoint in haotian-liu/llavaEPSS 0.5%CVE-2026-29226HIGHApache OFBiz: Low-Privilege SSRF in Content ComponentEPSS 0.5%CVE-2024-22219MEDIUMXML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC versions up to 1.0.4 allows authenticated usersEPSS 0.5%CVE-2025-0184MEDIUMServer-Side Request Forgery (SSRF) in langgenius/difyEPSS 0.5%CVE-2024-51408HIGHAppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests to 169.254.169.254 to retrieve AWS metadatEPSS 0.5%CVE-2023-33176MEDIUMBlind SSRF When Uploading Presentation in BigBlueButtonEPSS 0.5%CVE-2026-34647HIGHAdobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918)EPSS 0.5%