333 matches found
PT-2026-24364
Name of the Vulnerable Software and Affected Versions pdfmake versions 0.3.0-beta.2 through 0.3.5 Description A Server-Side Request Forgery SSRF issue exists in the src/URLResolver.js component of pdfmake. This allows a remote attacker to potentially obtain sensitive information. The issue was...
CVE-2026-26801
Server-Side Request Forgery SSRF vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the setUrlAccessPolicy method allowing server operato...
CVE-2026-26801
Server-Side Request Forgery SSRF vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the setUrlAccessPolicy method allowing server operato...
CVE-2026-26801
Server-Side Request Forgery SSRF vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the setUrlAccessPolicy method allowing server operato...
CVE-2026-26801
CVE-2026-26801 describes a Server-Side Request Forgery (SSRF) in pdfmake versions 0.3.0-beta.2 through 0.3.5, exploitable via the src/URLResolver.js component. The underlying issue is that server-side requests could access arbitrary URLs. The fix is in version 0.3.6, which introduces setUrlAccess...
CVE-2026-30834
Technical details about CVE-2026-30834 are not provided in the connected documents. The initial description notes an SSRF in PinchTab’s /download endpoint and a patch in 0.7.7, but no further specifics (affected versions, exploitation details, or mitigations) are included here. Monitor for updates.
Astro has Full-Read SSRF in error rendering via Host: header injection
Summary Server-Side Rendered pages that return an error with a prerendered custom error page eg. 404.astro or 500.astro are vulnerable to SSRF. If the Host: header is changed to an attacker's server, it will be fetched on /500.html and they can redirect this to any internal URL to read the respon...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the overrides.yoke.cd/flight annotation, which allows a user-supplied URL to be used directly by the controller without validation. An attacker can execute arbitrary code within the controller context by...
CVE-2026-20985
Improper input validation in Samsung Members prior to version 5.6.00.11 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability...
CVE-2026-20985
Improper input validation in Samsung Members prior to version 5.6.00.11 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability...
CVE-2026-20985
Improper input validation in Samsung Members prior to version 5.6.00.11 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability...
CVE-2025-14610
CVE-2025-14610 : The WordPress plugin TableMaster for Elementor (versions up to and including 1.3.6) is vulnerable to authenticated SSRF via the csv_url parameter in the Data Table widget. An attacker with Author-level access or higher can trigger web requests to arbitrary locations (including lo...
CVE-2026-0746
The AI Engine plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.3.2 via the 'getaudio' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations...
CVE-2026-0790
ALGO 8180 IP Audio Alerter Web UI Direct Request Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The...
CVE-2026-0790
CVE-2026-0790 pertains to ALGO 8180 IP Audio Alerter, where the flaw resides in the web-based UI. By navigating directly to a URL, an attacker can unauthenticatedly disclose data, exposing sensitive information from the device. Public sources cite a network-based vector with no privileges require...
CVE-2026-0790
ALGO 8180 IP Audio Alerter Web UI Direct Request Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The...
CVE-2026-0790 ALGO 8180 IP Audio Alerter Web UI Direct Request Information Disclosure Vulnerability
ALGO 8180 IP Audio Alerter Web UI Direct Request Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The...
MiracleLinux 8 : grafana-6.3.6-2.el8 (AXSA:2020-596:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-596:01 advisory. grafana: SSRF incorrect access control vulnerability allows unauthenticated users to make grafana send HTTP requests to any URL CVE-2020-13379 Tenable has...
CVE-2021-31216
Siren Investigate before 11.1.1 contains a server side request forgery SSRF defect in the built-in image proxy route which is enabled by default. An attacker with access to the Investigate installation can specify an arbitrary URL in the parameters of the image proxy route and fetch external URLs...
CVE-2022-37774
There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. When accessing some specific document pdf, email from an archive, a preview is proposed by the application. This preview generates a URL including an md5 hash of the file accessed. The document's URL https://url/tmp/M...