CVE-2026-11346

A Server-Side Request Forgery SSRF vulnerability in the custom process creation feature of linqi allows an authenticated attacker to probe internal network components. By crafting a specific process containing an HTTP Request component, an attacker can force the server to send arbitrary HTTP...

EUVD-2026-34825

A Server-Side Request Forgery SSRF vulnerability in the custom process creation feature of linqi allows an authenticated attacker to probe internal network components. By crafting a specific process containing an HTTP Request component, an attacker can force the server to send arbitrary HTTP...

Group Office 代码问题漏洞

Group Office is a modular office suite developed by the Dutch company Group Office. Versions of Group Office prior to 6.8.150, 25.0.82, and 26.0.5 contained code vulnerabilities. These vulnerabilities stemmed from server-side request forgeing in the WOPI service discovery URL, which could lead to...

EUVD-2025-21830

Malicious code in bioql PyPI...

EUVD-2025-5345

Malicious code in bioql PyPI...

CVE-2025-7398

Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports ports 9000 and 8036...

CVE-2025-7398

Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports ports 9000 and 8036...

Brocade ASCG 安全漏洞

Brocade ASCG is a networking feature from Brocade USA that is primarily used to simplify SAN architecture and optimize resource utilization. A security vulnerability exists in Brocade ASCG versions prior to 3.3.0 that stems from the use of medium-strength encryption algorithms on internal ports...

PT-2025-29977

Name of the Vulnerable Software and Affected Versions Brocade ASCG versions prior to 3.3.0 Description Brocade ASCG versions prior to 3.3.0 allow the use of medium strength cryptography algorithms on internal ports 9000 and 8036. Recommendations Update Brocade ASCG to version 3.3.0 or later...

Medium Strength Cipher Suites detected on port on ports 9000 and 8036

Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on ports 9000 and 8036. Those ports are internal ports...

SICK Field Analytics和SICK Media Server 代码问题漏洞

SICK Field Analytics and SICK Media Server are both products of SICK Germany.SICK Field Analytics is a software for evaluating manufacturing data.SICK Media Server is a media server. A code issue vulnerability exists in SICK Field Analytics and SICK Media Server that stems from vulnerability to...

Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets

CVE-2023-27163 PoC Exploit Code This Python script is a Proof...

CVE-2023-6578

A vulnerability classified as critical has been found in Software AG WebMethods 10.11.x/10.15.x. Affected is an unknown function of the file wm.server/connect/. The manipulation leads to improper access controls. It is possible to launch the attack remotely. To access a file like /assets/ a popup...

CVE-2020-21641

Summary: CVE-2020-21641 affects Zoho ManageEngine Analytics Plus prior to 4.3.5. The issue is an Out-of-Band XML External Entity (OOB-XXE) in the handling of a crafted XML license file used by the product. What is affected: ManageEngine Analytics Plus (versions before 4.3.5). The vulnerability so...

CVE-2020-21641

Out-of-Band XML External Entity OOB-XXE vulnerability in Zoho ManageEngine Analytics Plus before 4.3.5 allows remote attackers to read arbitrary files, enumerate folders and scan internal ports via crafted XML license file...

Sifchain: Information Disclosure at one of your subdomain

Dear Team, Hope you are doing very well and safe. I was looking into your application and i find some bugs on your application which is disclosing internal port and also the ips. That can leads an attacker to do lots of serious attacks. Please verify:- https://rpc.sifchain.finance/...

Atlassian Confluence Server 代码问题漏洞

Atlassian Confluence Server is the server version of Atlassian Australia's suite of collaboration software with enterprise knowledge management capabilities and support for building enterprise WiKi. A server-side request forgery vulnerability exists in Confluence Server versions prior to 7.11.0,...

PT-2021-11666 · Atlassian · Confluence

Name of the Vulnerable Software and Affected Versions: Confluence Server versions prior to 7.4.8 Confluence Server versions 7.5.0 through 7.10.9 Description: The issue allows attackers to identify internal hosts and ports via a blind server-side request forgery vulnerability in Team Calendars...

Server side request forgery (ssrf)

Server Side Request Forgery SSRF in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to scan internal ports and make outbound connections via the initFile.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

Exploit for Server-Side Request Forgery in Cockpit-Project Cockpit

Cockpit-Project v234 - Server-Side Request Vulnerability unau...