7 matches found
EUVD-2025-12477
Malicious code in bioql PyPI...
CVE-2025-8133
ChanCMS up to version 3.1.2 is vulnerable to server-side request forgery in the getArticle function (app/modules/api/service/gather.js) via manipulation of the targetUrl parameter. Remote exploitation is possible and has been disclosed publicly. Upgrading to version 3.1.3 addresses the issue (pat...
CVE-2025-0480
A vulnerability classified as problematic has been found in wuzhicms 4.1.0. This affects the function test of the file coreframe/app/search/admin/config.php. The manipulation of the argument sphinxhost/sphinxport leads to server-side request forgery. It is possible to initiate the attack remotely...
CVE-2022-38708 IBM Cognos Analytics server-side request forgery
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to a Server-Side Request Forgery (SSRF) attack by constructing URLs from user-controlled data. This could enable attackers to make arbitrary requests to the internal network or to the local file system. IBM X-Force ID: 234180...
CVE-2022-24739
alltube is an HTML front end for youtube-dl. On releases prior to 3.0.3, an attacker could craft a special HTML page to trigger either an open redirect attack or a Server-Side Request Forgery attack depending on how AllTube is configured. The impact is mitigated by the fact the SSRF attack is onl...
CVE-2022-24739 Server-Side Request Forgery (SSRF) and URL Redirection to Untrusted Site ('Open Redirect') in alltube
alltube is an HTML front end for youtube-dl. On releases prior to 3.0.3, an attacker could craft a special HTML page to trigger either an open redirect attack or a Server-Side Request Forgery attack depending on how AllTube is configured. The impact is mitigated by the fact the SSRF attack is onl...
MTN Group: SSRF Keycloak before 13.0.0 - CVE-2020-10770 on https://sponsoredata.mtn.ci
A flaw was found in Keycloak before 13.0.0, where it was possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allowed an attacker to use this parameter to execute a server-side request forgery (SSRF) attack...