267 matches found
CVE-2024-11040
...
CVE-2024-12376 Server Side Request Forgery in lm-sys/fastchat
A Server-Side Request Forgery SSRF vulnerability was identified in the lm-sys/fastchat web server, specifically in the affected version git 2c68a13. This vulnerability allows an attacker to access internal server resources and data that are otherwise inaccessible, such as AWS metadata credentials...
CVE-2024-5186
A Server-Side Request Forgery SSRF vulnerability exists in the file upload section of imartinez/privategpt version 0.5.0. This vulnerability allows attackers to send crafted requests that could result in unauthorized access to the local network and potentially sensitive information. Specifically,...
CVE-2024-52579
Misskey is an open source, federated social media platform. Some APIs using HttpRequestService do not properly check the target host. This vulnerability allows an attacker to send POST or GET requests to the internal server, which may result in a SSRF attack.It allows an attacker to send POST or...
CVE-2024-52579 Server-Side Request Forgery vulnerability in various APIs in Misskey
Misskey is an open source, federated social media platform. Some APIs using HttpRequestService do not properly check the target host. This vulnerability allows an attacker to send POST or GET requests to the internal server, which may result in a SSRF attack.It allows an attacker to send POST or...
CVE-2024-47580
An attacker authenticated as an administrator can use an exposed webservice to create a PDF with an embedded attachment. By specifying the file to be an internal server file and subsequently downloading the generated PDF, the attacker can read any file on the server with no effect on integrity or...
CVE-2024-47580
CVE-2024-47580 affects SAP NetWeaver AS Java (Adobe Document Service). An attacker authenticated as an administrator can use an exposed webservice to create a PDF with an embedded attachment; by forcing the file to be an internal server file and downloading the PDF, they can read arbitrary server...
Hotfix XS82ECU1074 - For Citrix Hypervisor 8.2 Cumulative Update 1
Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2 Cumulative Update 1. Note: This hotfix is available only to customers on theCustomer Success Servicesprogram. Where To Get This Hotfix Download Citrix Hypervisor 8.2 Cumulative Update 1 hotfixes from...
Applications in StoreFront Fail to Enumerate
When using Citrix Receiver running in Mac 11 to log on to StoreFront, the applications fail to enumerate. An internal server error occurs in the client device. The following is the log trace of the issue in StoreFront server: Log Name: Citrix Delivery ServicesSource: WebApplicationDate: 06/02/201...
PT-2024-27348 · Microsoft +1 · Azure Blob Storage +1
Name of the Vulnerable Software and Affected Versions: Computer Vision Annotation Tool CVAT versions 2.1.0 through 2.14.3 Description: The issue allows an attacker with a CVAT account to exploit a feature by specifying custom endpoint URLs for cloud storages based on Amazon S3 and Azure Blob...
RHEL 5 : kdelibs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kdelibs: kssl incorrect verification of SSL certificate with NUL in subjectAltName CVE-2009-2702 - kf5-ki...
CVE-2024-30420
Server-side request forgery SSRF vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12 and Ver.3.0.x series versions prior to Ver.3.0.32. If this vulnerability is exploited, a user with an administrator or higher privilege who can log in to the product may obtain...
CVE-2024-30420
CVE-2024-30420 is an SSRF flaw in a-blog cms affecting the 3.0.x (prior to 3.0.32) and 3.1.x (prior to 3.1.12) series. The vulnerability allows a user with administrator or higher privileges who can log in to the product to obtain arbitrary files on the server and access internal server informati...
CVE-2024-28247
The Pi-hole is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. A vulnerability has been discovered in Pihole that allows an authenticated user on the platform to read internal server files arbitrarily, and because the application runs...
CVE-2024-28247
Pi-hole Core (DNS sinkhole) is affected by CVE-2024-28247 due to an authenticated Arbitrary File Read via the file:// handling path. The issue allows an authenticated user to read internal server files, exploiting local-file update logic where non-domain lines printed from a provided file could r...
CVE-2024-28247 Pihole Authenticated Arbitrary File Read with root privileges
The Pi-hole is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. A vulnerability has been discovered in Pihole that allows an authenticated user on the platform to read internal server files arbitrarily, and because the application runs...
[NetScaler-Gateway] iOS CWA cannot connect to Store, 500 Internal Server Error 43549
You may encounter the issue when login with iOS workspace app, user cannot connect to StoreFront after login NetScaler gateway. In nstrace, you can observe the following symptom: 1. NetScaler responds iosc cookie to client: POST /nf/auth/webview/done HTTP/1.1...HTTP/1.1 200 OKSet-Cookie:...
Pz-LinkCard < 2.5.3 - Contributor+ SSRF
Description The plugin does not prevent users from pinging arbitrary hosts via some of its shortcodes, which could allow high privilege users such as contributors to perform SSRF attacks. Setup a listener on a localhost/LAN host such as nc -l 127.0.0.1 9000, then as a contributor, put the followi...
PYSEC-2024-127
Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the SSRFPROTECTIONENABLED environment variable can be bypassed to access...
Server side request forgery (ssrf)
LangChain before 0.0.317 allows SSRF via documentloaders/recursiveurlloader.py because crawling can proceed from an external server to an internal server...