ReportizFlow
Filtered by vendor
Subscriptions
Total
1484 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-1037 | 1 Villatheme | 1 Exmage | 2024-11-21 | 7.2 High |
| The EXMAGE WordPress plugin before 1.0.7 does to ensure that images added via URLs are external images, which could lead to a blind SSRF issue by using local URLs | ||||
| CVE-2022-0990 | 1 Janeczku | 1 Calibre-web | 2024-11-21 | 9.1 Critical |
| Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. | ||||
| CVE-2022-0939 | 1 Janeczku | 1 Calibre-web | 2024-11-21 | 9.9 Critical |
| Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. | ||||
| CVE-2022-0870 | 1 Gogs | 1 Gogs | 2024-11-21 | 5.3 Medium |
| Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5. | ||||
| CVE-2022-0768 | 1 Alltubedownload | 1 Alltube | 2024-11-21 | 9.1 Critical |
| Server-Side Request Forgery (SSRF) in GitHub repository rudloff/alltube prior to 3.0.2. | ||||
| CVE-2022-0767 | 1 Janeczku | 1 Calibre-web | 2024-11-21 | 9.9 Critical |
| Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17. | ||||
| CVE-2022-0766 | 1 Janeczku | 1 Calibre-web | 2024-11-21 | 9.8 Critical |
| Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17. | ||||
| CVE-2022-0671 | 1 Redhat | 1 Vscode-xml | 2024-11-21 | 9.1 Critical |
| A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file. | ||||
| CVE-2022-0591 | 1 Subtlewebinc | 1 Formcraft3 | 2024-11-21 | 9.1 Critical |
| The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users | ||||
| CVE-2022-0528 | 1 Transloadit | 1 Uppy | 2024-11-21 | 6.5 Medium |
| Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1. | ||||
| CVE-2022-0508 | 1 Framasoft | 1 Peertube | 2024-11-21 | 5.3 Medium |
| Server-Side Request Forgery (SSRF) in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832 | ||||
| CVE-2022-0425 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.4 Medium |
| A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE since version 7.9 allows an attacker to trigger Server Side Request Forgery (SSRF) attacks. | ||||
| CVE-2022-0339 | 1 Janeczku | 1 Calibre-web | 2024-11-21 | 9.8 Critical |
| Server-Side Request Forgery (SSRF) in Pypi calibreweb prior to 0.6.16. | ||||
| CVE-2022-0249 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 3.1 Low |
| A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked. | ||||
| CVE-2022-0136 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.4 Medium |
| A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1. GitLab was vulnerable to a blind SSRF attack through the Project Import feature. | ||||
| CVE-2022-0132 | 1 Framasoft | 1 Peertube | 2024-11-21 | 7.5 High |
| peertube is vulnerable to Server-Side Request Forgery (SSRF) | ||||
| CVE-2022-0086 | 1 Transloadit | 1 Uppy | 2024-11-21 | 9.8 Critical |
| uppy is vulnerable to Server-Side Request Forgery (SSRF) | ||||
| CVE-2022-0085 | 1 Dompdf Project | 1 Dompdf | 2024-11-21 | 5.3 Medium |
| Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf prior to 2.0.0. | ||||
| CVE-2021-4075 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 7.2 High |
| snipe-it is vulnerable to Server-Side Request Forgery (SSRF) | ||||
| CVE-2021-46107 | 1 Ligeo-archives | 1 Ligeo Basics | 2024-11-21 | 7.5 High |
| Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server Side Request Forgery (SSRF) which allows an attacker to read any documents via the download features. | ||||