Falhas do tipo CWE-918

2.198 resultados
CVE-2025-13147MEDIUMExternal Service Interaction (DNS)EPSS 0.2%CVE-2024-51785MEDIUMWordPress Responsive Filterable Portfolio plugin <= 1.0.22 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2026-33766MEDIUMAVideo has SSRF Protection Bypass via HTTP Redirect in Image Download EndpointsEPSS 0.2%CVE-2026-40089CRITICALSonicverse has Server-Side Request Forgery via user-controlled URLs in dashboard API clientEPSS 0.2%CVE-2024-43710MEDIUMKibana server-side request forgeryEPSS 0.2%CVE-2026-12473HIGHOHIF Viewers DICOM Server-Side request forgeryEPSS 0.2%CVE-2026-21293MEDIUMAdobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918)EPSS 0.2%CVE-2026-11469MEDIUMjishenghua jshERP platformConfig Add Endpoint PlatformConfigService.java insertPlatformConfig server-side request forgeryEPSS 0.2%CVE-2026-42335MEDIUMMaxKB: SSRF Bypass in MaxKB OSS URL Fetch due to URL Parsing DiscrepancyEPSS 0.2%CVE-2026-9813MEDIUMFlowIntel external reference URL probe allows server-side request forgeryEPSS 0.2%CVE-2026-41272HIGHFlowise: SSRF Protection Bypass (TOCTOU & Default Insecure)EPSS 0.2%CVE-2026-48918MEDIUMJenkins Active Directory Plugin 2.41 and earlier follows LDAP referrals by default.EPSS 0.2%CVE-2026-47389HIGHMastodon: SSRF protection bypass on older Ruby versionsEPSS 0.2%CVE-2026-28680CRITICALGhostfolio: Full-Read SSRF in Manual Asset ImportEPSS 0.2%CVE-2026-21294MEDIUMAdobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918)EPSS 0.2%CVE-2026-31941HIGHServer-Side Request Forgery (SSRF) in Chamilo LMSEPSS 0.2%CVE-2025-27430LOWServer Side Request Forgery (SSRF) in SAP CRM and SAP S/4 HANA (Interaction Center)EPSS 0.2%CVE-2024-11913MEDIUMActivity Plus Reloaded for BuddyPress <= 1.1.1 - Authenticated (Subscriber+) Blind Server-Side Request ForgeryEPSS 0.2%CVE-2026-11395HIGHCF7 to Webhook <= 5.0.0 - Unauthenticated Server-Side Request Forgery via CF7 Field Placeholder in Webhook URL HostEPSS 0.2%CVE-2025-59346MEDIUMDragonfly server-side request forgery vulnerabilityEPSS 0.2%