CWE-918 vulnerabilities

2,157 results
CVE-2025-69222 (CRITICAL, EPSS 4.1%): LibreChat is vulnerable to Server-Side Request Forgery due to missing restrictions
CVE-2022-41412 (HIGH, EPSS 4.1%): An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Requ
CVE-2023-24243 (HIGH, EPSS 4.0%): CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF).
CVE-2025-65958 (HIGH, EPSS 4.0%): Open WebUI vulnerable to Server-Side Request Forgery (SSRF) via Arbitrary URL Processing in /api/v1/retrieval/process/web
CVE-2024-48360 (HIGH, EPSS 3.9%): Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php.
CVE-2023-32750 (MEDIUM, EPSS 3.8%): Pydio Cells through 4.1.2 allows SSRF. For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the backg
CVE-2020-8555 (MEDIUM, EPSS 3.7%): Kubernetes kube-controller-manager SSRF
CVE-2021-39150 (HIGH, EPSS 3.5%): A Server-Side Forgery Request vulnerability in XStream via PriorityQueue unmarshaling
CVE-2023-44313 (HIGH, EPSS 3.5%): Apache ServiceComb Service-Center: attacker can perform SSRF through the frontend API
CVE-2022-0870 (MEDIUM, EPSS 3.4%): Server-Side Request Forgery (SSRF) in gogs/gogs
CVE-2023-3578 (MEDIUM, EPSS 3.4%): DedeCMS co_do.php server-side request forgery
CVE-2023-4769 (MEDIUM, EPSS 3.3%): Server-Side Request Forgery in ManageEngine Desktop Central
CVE-2024-39713 (HIGH, EPSS 3.2%): A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1.
CVE-2021-21009 (HIGH, EPSS 3.2%): Server-side request forgery (SSRF) in Campaign Classic could lead to sensitive information disclosure
CVE-2017-0889 (EPSS 3.1%): Paperclip ruby gem version 3.1.4 and later suffers from a Server-Side Request Forgery (SSRF) vulnerability in the Paperclip::UriAdapter clas
CVE-2023-36661 (HIGH, EPSS 3.0%): Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is
CVE-2024-41570 (CRITICAL, EPSS 2.9%): An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network t
CVE-2022-1398 (EPSS 2.9%): External Media without Import <= 1.1.2 - Subscriber+ Blind SSRF
CVE-2024-34361 (HIGH, EPSS 2.8%): Pi-hole Blind Server-Side Request Forgery (SSRF) vulnerability can lead to Remote Code Execution (RCE)
CVE-2025-22952 (CRITICAL, EPSS 2.8%): elestio memos v0.23.0 is vulnerable to Server-Side Request Forgery (SSRF) due to insufficient validation of user-supplied URLs, which can be