399 matches found
BrightSign Digital Signage 8.2.26 - Server-Side Request Forgery
Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in the BrightSign digital signage media player affecting the Diagnostic Web Server DWS. The application parses user supplied data in the 'url' GET parameter to construct a diagnostics request to the Download Speed Test service...
CVE-2025-36324
CVE-2025-36324 affects IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0. The issue is a server-side request forgery (SSRF) that could allow an authenticated attacker to make unauthorized requests from the system, potentially enabling network enumeration or facilitating other ...
CVE-2026-7253
IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery SSRF in Sterling File Gateway, due to a flaw which may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
EUVD-2026-38266
IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery SSRF in Sterling File Gateway, due to a flaw which may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
CVE-2026-7253 IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway
IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery SSRF in Sterling File Gateway, due to a flaw which may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
CVE-2026-7253
CVE-2026-7253 summary: IBM Watson Speech Services Cartridge is affected by a Server-Side Request Forgery (SSRF) in Sterling File Gateway. Affected versions are 4.0.0–5.3.1. The root cause is SSRF allowing an authenticated attacker to issue unauthorized requests from the system, with potential net...
PT-2026-48671
Name of the Vulnerable Software and Affected Versions IBM Langflow Desktop versions 1.0.0 through 1.9.2 Description IBM Langflow is susceptible to server-side request forgery SSRF, a flaw where the server can be coerced into making requests to an unintended location. This issue can be triggered v...
CVE-2025-14290
IBM webMethods Integration on prem -Integration Server 10.15 through IS10.15CoreFix2611.1 to IS11.1CoreFix10 IBM webMethods Integration is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to...
eCPPT-Penetration-Testing-Reports
eCPPT Penetration Testing Reports Penetration testing lab rep...
CVE-2025-14290
IBM webMethods Integration on prem -Integration Server 10.15 through IS10.15CoreFix2611.1 to IS11.1CoreFix10 IBM webMethods Integration is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to...
CVE-2025-14290 IBM webMethods Integration Sever is vulnerable to server-side request forgery
IBM webMethods Integration on prem -Integration Server 10.15 through IS10.15CoreFix2611.1 to IS11.1CoreFix10 IBM webMethods Integration is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to...
IBM webMethods Integration 代码问题漏洞
IBM webMethods Integration is a hybrid enterprise iPaaS offered by International Business Machines IBM. There are code vulnerabilities in versions 10.15 and later of IBM webMethods Integration, as well as in versions IS10.15CoreFix2611.1 and 11.1, up to IS11.1CoreFix10. These vulnerabilities stem...
PT-2026-43278
IBM webMethods Integration on prem -Integration Server 10.15 through IS 10.15 Core Fix2611.1 to IS 11.1 Core Fix10 IBM webMethods Integration is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially...
CVE-2026-3340 Server-Side Request Forgery (SSRF) in Langflow URL Component
IBM Langflow Desktop 1.0.0 through 1.8.4 IBM Langflow is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
PT-2026-36187
IBM Langflow Desktop 1.0.0 through 1.8.4 IBM Langflow is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
CVE-2026-41461 SocialEngine <= 7.8.0 Blind SSRF via /core/link/preview
SocialEngine versions 7.8.0 and prior contain a blind server-side request forgery vulnerability in the /core/link/preview endpoint where user-supplied input passed via the uri request parameter is not sanitized before being used to construct outbound HTTP requests. Authenticated remote attackers...
CritBench: A Framework for Evaluating Cybersecurity Capabilities of Large Language Models in IEC 61850 Digital Substation Environments
The advancement of Large Language Models LLMs has raised concerns regarding their dual-use potential in cybersecurity. Existing evaluation frameworks overwhelmingly focus on Information Technology IT environments, failing to capture the constraints, and specialized protocols of Operational...
CVE-2026-1561
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery SSRF. This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating...
EUVD-2026-15978
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
CVE-2025-14912
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...