Falhas do tipo CWE-918

2.185 resultados
CVE-2025-22474MEDIUMDell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) a Server-Side Request Forgery (SSRF) vulnerabiEPSS 0.4%CVE-2023-42477MEDIUMServer-Side Request Forgery in SAP NetWeaver AS Java (GRMG Heartbeat application)EPSS 0.4%CVE-2025-31117MEDIUMOpenEMR Out-of-Band Server-Side Request Forgery (OOB SSRF) VulnerabilityEPSS 0.4%CVE-2024-9624HIGHWP All Import Pro <= 4.9.3 - Authenticated (Administrator+) Server-Side Request Forgery via File ImportEPSS 0.4%CVE-2024-30256MEDIUMOpen WebUI vulnerable to server-side request forgery in utils.pyEPSS 0.4%CVE-2023-45195MEDIUMAdminer and AdminerEvo SSRFEPSS 0.4%CVE-2025-11864MEDIUMNucleoidAI Nucleoid Outbound Request cluster.ts extension.apply server-side request forgeryEPSS 0.4%CVE-2024-26476LOWAn issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted script to the formid parameter in the ereqEPSS 0.4%CVE-2024-28435MEDIUMThe CRM platform Twenty version 0.3.0 is vulnerable to SSRF via file upload.EPSS 0.4%CVE-2024-23654MEDIUMdiscourse-ai admin-initiated SSRF when interacting with AI servicesEPSS 0.4%CVE-2024-53696MEDIUMQuLog CenterEPSS 0.4%CVE-2025-10764MEDIUMSeriaWei ZKEACMS Event Action System PendingTaskController.cs Edit server-side request forgeryEPSS 0.4%CVE-2025-7787MEDIUMXuxueli xxl-job SampleXxlJob.java httpJobHandler server-side request forgeryEPSS 0.4%CVE-2024-13195MEDIUMdonglight bookstore电商书城系统说明 HttpUtil.java getHtml server-side request forgeryEPSS 0.4%CVE-2022-39055MEDIUMChanging Information Technology Inc. RAVA certificate validation system - Server-Side Request Forgery (SSRF)EPSS 0.4%CVE-2025-52477HIGHOcto-STS Vulnerable to Unauthenticated SSRF with HTTP Response Reflection in OIDC FlowEPSS 0.4%CVE-2024-31993MEDIUMMealie vulnerable to a GET-based SSRF in recipe image importer (GHSL-2023-227)EPSS 0.4%CVE-2026-11437MEDIUMperfree go-fastdfs-web Installation Endpoint checkServer server-side request forgeryEPSS 0.4%CVE-2025-45872CRITICALzrlog v3.1.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the downloadUrl parameter.EPSS 0.4%CVE-2023-50733HIGHA Server-Side Request Forgery (SSRF) vulnerability exists in newer Lexmark devices.EPSS 0.4%