Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:31 a.m.9 views

CVE-2019-16932

A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json/visualizer/v1/upload-data...

10CVSS6.9AI score0.39137EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-25854

Malware in sbrugna...

9.8CVSS9.4AI score0.02358EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-28800

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00829EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-2774

Malicious code in bioql PyPI...

7.9CVSS6.6AI score0.00143EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-39120

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00381EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-20181

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00609EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-49459

Malicious code in bioql PyPI...

2.3CVSS4.4AI score0.00302EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2025/07/28 4:41 p.m.17 views

webfinger.js Blind SSRF Vulnerability

Description The lookup function takes a user address for checking accounts as a feature, however, as per the ActivityPub spec https://www.w3.org/TR/activitypub/security-considerations, on the security considerations section at B.3, access to Localhost services should be prevented while running in...

6.9CVSS7.2AI score0.006EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/07/28 4:41 p.m.7 views

GHSA-8XQ3-W9FX-74RV webfinger.js Blind SSRF Vulnerability

Description The lookup function takes a user address for checking accounts as a feature, however, as per the ActivityPub spec https://www.w3.org/TR/activitypub/security-considerations, on the security considerations section at B.3, access to Localhost services should be prevented while running in...

6.9CVSS7.2AI score0.006EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 9:35 a.m.8 views

CVE-2024-22648

A Blind SSRF vulnerability exists in the "Crawl Meta Data" functionality of SEO Panel version 4.10.0. This makes it possible for remote attackers to scan ports in the local environment...

5.3CVSS6.8AI score0.00609EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:5 p.m.9 views

CVE-2022-39383

KubeVela is an open source application delivery platform. Users using the VelaUX APIServer could be affected by this vulnerability. When using Helm Chart as the component delivery method, the request address of the warehouse is not restricted, and there is a blind SSRF vulnerability. Users who're...

6.5CVSS6.8AI score0.00376EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/13 5:37 p.m.13 views

CVE-2025-22399

Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgery...

7.9CVSS6.7AI score0.00143EPSS
Exploits0References3
NVD
NVD
added 2025/02/11 5:15 p.m.33 views

CVE-2025-22399

Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgery...

7.9CVSS0.00143EPSS
Exploits0References1
CVE
CVE
added 2025/02/11 4:24 p.m.69 views

CVE-2025-22399

Dell UCC Edge 2.3.0 is affected by a Blind SSRF in the Add Customer SFTP Server component. The vulnerability allows an unauthenticated, locally located attacker to trigger server-side requests, impacting confidentiality, integrity, and availability as indicated by CVSS metrics (high impact, local...

7.9CVSS7.7AI score0.00143EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/30 12:0 a.m.5 views

CVE-2024-22648

A Blind SSRF vulnerability exists in the "Crawl Meta Data" functionality of SEO Panel version 4.10.0. This makes it possible for remote attackers to scan ports in the local environment...

5.1AI score0.00609EPSS
Exploits1References1
CVE
CVE
added 2023/10/23 12:0 a.m.54 views

CVE-2023-45966

The CVE-2023-45966 entry concerns umputun remark42 (versions 1.12.1 and earlier) with a Blind Server-Side Request Forgery (SSRF) vulnerability. Affected component: remark42; root cause is SSRF that is not fully exposed in the provided details. Impact per CVSS indicates high confidentiality impact...

7.5CVSS7.6AI score0.00586EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.56 views

Moodle 3.9.x < 3.9.18 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.18, 3.11.x prior to 3.11.11 or 4.0.x prior to 4.0.5. It is, therefore, affected by multiple vulnerabilities: - An information disclosure due to a user CSRF token being unnecessarily included in the URL during the redirection...

9.1CVSS6.2AI score0.01352EPSS
Exploits0References8
OSV
OSV
added 2022/12/07 6:45 p.m.52 views

GO-2022-1113 Server-side request forgery in github.com/oam-dev/kubevela

When using Helm Chart as the component delivery method, the request address of the warehouse is not restricted, and there is a blind SSRF vulnerability...

6.5CVSS5.6AI score0.00376EPSS
Exploits0References2
Hacker One
Hacker One
added 2022/10/22 11:43 a.m.64 views

Nextcloud: Mail app - blind SSRF via smtpHost parameter

A blind SSRF vulnerability was discovered in the Nextcloud Mail application, allowing an attacker to retrieve services running locally on the server and scan the internal network for information. The vulnerability was found in the smtpHost parameter and could be exploited by any user with the mai...

5CVSS4.6AI score0.00919EPSS
Exploits1
Cvelist
Cvelist
added 2022/09/20 6:55 p.m.22 views

CVE-2022-30579 TIBCO Spotfire Server Blind SSRF vulnerability

The Web Player component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a difficult to exploit vulnerability that allows a low privileged attacker with network access to execute blind Server Side Request Forgery SSRF on the affect...

7.1CVSS8.4AI score0.00481EPSS
Exploits0References2
Rows per page
Query Builder