CVE-2026-42398

Kibana is affected by SSRF (CWE-918) where authenticated users with connector-management privileges can bypass the operator-configured allowlist by configuring a Webhook connector to target destinations. The issue allows outbound requests to blocked destinations as per egress controls. Affected v...

CVE-2025-23186 Mixed Dynamic RFC Destination vulnerability through Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP

In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call RFC request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely...

PT-2024-9678 · Sap · Sap Netweaver Application Server Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP affected versions not specified Description: The issue allows an authenticated attacker to craft a Remote Function Call RFC request to restricted destinations, potentially exposing credentials for a remot...

CVE-2020-3482

A vulnerability in the Traversal Using Relays around NAT TURN server component of Cisco Expressway software could allow an unauthenticated, remote attacker to bypass security controls and send network traffic to restricted destinations. The vulnerability is due to improper validation of specific...