7 matches found

Nuclei
added 2026/05/25 4:37 a.m. | 13 views

Zimbra Collaboration Suite - SSRF

Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component. id: CVE-2019-9621 info: name: Zimbra Collaboration Suite - SSRF author: riteshs4hu severity: high description: |...

CVSS 7.5 | AI score 7.1 | EPSS 0.94113
Exploits: 10 | References: 5

RedhatCVE
added 2025/05/22 8:36 p.m. | 2 views

CVE-2021-35209

An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite 8.8 before 8.8.15 Patch 23 and 9.x before 9.0.0 Patch 16. The value of the X-Host header overwrites the value of the Host header in proxied requests. The value of X-Host header is not checked against...

CVSS 9.8 | AI score 7.1 | EPSS 0.01818
Exploits: 1 | References: 1

ATTACKERKB
added 2022/08/12 3:15 p.m. | 1 views

CVE-2022-37041

An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite ZCS 8.8.15 and 9.0. The value of the X-Forwarded-Host header overwrites the value of the Host header in proxied requests. The value of X-Forwarded-Host header is not checked against the whitelist of...

CVSS 7.5 | AI score 7.1 | EPSS 0.00409
Exploits: 0 | References: 3

OSV
added 2022/07/07 8:55 p.m. | 0 views

GHSA-CJ7V-27PG-WF7Q Jetty invalid URI parsing may produce invalid HttpURI.authority

Description: URI use within Jetty's HttpURI class can parse invalid URIs such as http://localhost;/path as having an authority with a host of localhost;. URIs of the type http://localhost;/path should be interpreted to be either invalid or as localhost; to be the userinfo and no host. However,...

CVSS 2.7 | AI score 7.1 | EPSS 0.00401
Exploits: 0 | References: 6

NVD
added 2014/12/07 9:59 p.m. | 14 views

CVE-2014-9301

Server-side request forgery (SSRF) vulnerability in the proxy servlet in Alfresco Community Edition before 5.0.a allows remote attackers to trigger outbound requests to intranet servers, conduct port scans, and read arbitrary files via a crafted URI in the endpoint parameter...

CVSS 6.4 | AI score 6.7 | EPSS 0.04207
Exploits: 1 | References: 2

Prion
added 2014/12/07 9:59 p.m. | 16 views

Server-side request forgery (SSRF)

Server-side request forgery (SSRF) vulnerability in the proxy servlet in Alfresco Community Edition before 5.0.a allows remote attackers to trigger outbound requests to intranet servers, conduct port scans, and read arbitrary files via a crafted URI in the endpoint parameter...

CVSS 6.4 | AI score 7.2 | EPSS 0.04207
Exploits: 1 | References: 2 | Affected Software: 1

CVE
added 2014/12/07 9:0 p.m. | 38 views

CVE-2014-9301

CVE-2014-9301 affects Alfresco Community Edition before 5.0.a, via an SSRF in the proxy servlet. A crafted endpoint parameter can trigger outbound requests to intranet servers, enabling port scans and reading arbitrary files. Public data reports CVSSv2 base score 6.4 (MEDIUM). Exploitation referen...

CVSS 6.4 | AI score 6.9 | EPSS 0.04207
Exploits: 1 | References: 2 | Affected Software: 1