Total
1644 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-22219 | 2024-08-19 | N/A | 6.3 MEDIUM | ||
| XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC versions up to 1.0.4 allows authenticated users to submit malicious XML via unspecified features which could lead to various actions such as accessing the underlying server, remote code execution (RCE), or performing Server-Side Request Forgery (SSRF) attacks. | |||||
| CVE-2022-1751 | 2024-08-19 | N/A | 7.2 HIGH | ||
| The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.2 via the /image.php file. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | |||||
| CVE-2024-38109 | 1 Microsoft | 1 Azure Health Bot | 2024-08-16 | N/A | 9.1 CRITICAL |
| An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network. | |||||
| CVE-2024-38206 | 1 Microsoft | 1 Copilot Studio | 2024-08-14 | N/A | 8.5 HIGH |
| An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. | |||||