Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (3364 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-13588 | 1 Lkinderbuno | 1 Streamity Xtream Iptv Player | 2026-04-15 | 6.3 Medium |
| A vulnerability was found in lKinderBueno Streamity Xtream IPTV Player up to 2.8. The impacted element is an unknown function of the file public/proxy.php. Performing manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit has been made public and could be used. Upgrading to version 2.8.1 is sufficient to resolve this issue. The patch is named c70bfb8d36b47bfd64c5ec73917e1d9ddb97af92. It is suggested to upgrade the affected component. | ||||
| CVE-2025-55075 | 1 Iodata | 1 Wn-7d36qr | 2026-04-15 | 4.9 Medium |
| Hidden functionality issue exists in WN-7D36QR and WN-7D36QR/UE. If this vulnerability is exploited, SSH may be enabled by a remote authenticated attacker. | ||||
| CVE-2025-13999 | 2 Bplugins, Wordpress | 2 Html5 Audio Player, Wordpress | 2026-04-15 | 7.2 High |
| The HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions from 2.4.0 up to, and including, 2.5.1 via the getIcyMetadata() function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | ||||
| CVE-2025-14116 | 1 Yuxi-know Project | 1 Yuxi-know | 2026-04-15 | 4.7 Medium |
| A vulnerability was detected in xerrors Yuxi-Know up to 0.4.0. This vulnerability affects the function OtherEmbedding.aencode of the file /src/models/embed.py. Performing manipulation of the argument health_url results in server-side request forgery. The attack can be initiated remotely. The exploit is now public and may be used. The patch is named 0ff771dc1933d5a6b78f804115e78a7d8625c3f3. To fix this issue, it is recommended to deploy a patch. The vendor responded with a vulnerability confirmation and a list of security measures they have established already (e.g. disabled URL parsing, disabled URL upload mode, removed URL-to-markdown conversion). | ||||
| CVE-2024-10814 | 2026-04-15 | 6.4 Medium | ||
| The Code Embed plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5 via the ce_get_file() function. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | ||||
| CVE-2025-54370 | 1 Phpoffice | 1 Phpspreadsheet | 2026-04-15 | N/A |
| PhpOffice/PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0, SSRF can occur when a processed HTML document is read and displayed in the browser. The vulnerability lies in the setPath method of the PhpOffice\PhpSpreadsheet\Worksheet\Drawing class, where a crafted string from the user is passed to the HTML reader. This issue has been patched in versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0. | ||||
| CVE-2024-0216 | 2026-04-15 | 6.4 Medium | ||
| The Google Doc Embedder plugin for WordPress is vulnerable to Server Side Request Forgery via the 'gview' shortcode in versions up to, and including, 2.6.4. This can allow authenticated attackers with contributor-level permissions or above to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | ||||
| CVE-2025-53473 | 2026-04-15 | N/A | ||
| Server-side request forgery (SSRF) vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers. | ||||
| CVE-2025-5276 | 2026-04-15 | 7.4 High | ||
| All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get() function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to issue requests and read the responses to attacker-controlled URLs, potentially leaking sensitive information. | ||||
| CVE-2025-51591 | 2026-04-15 | 3.7 Low | ||
| A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attackers to gain access to and compromise the whole infrastructure via injecting a crafted iframe. Note: Some users have stated that Pandoc by default can retrieve and parse untrusted HTML content which can enable SSRF vulnerabilities. Using the ‘--sandbox’ option or ‘pandoc-server’ can mitigate such vulnerabilities. Using pandoc with an external ‘--pdf-engine’ can also enable SSRF vulnerabilities, such as CVE-2022-35583 in wkhtmltopdf. | ||||
| CVE-2025-5140 | 2026-04-15 | 6.3 Medium | ||
| A vulnerability classified as critical has been found in Seeyon Zhiyuan OA Web Application System up to 8.1 SP2. This affects the function this.oursNetService.getData of the file com\ours\www\ehr\openPlatform1\open4ClientType\controller\ThirdMenuController.class. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-15098 | 1 Yunaiv | 1 Yudao-cloud | 2026-04-15 | 6.3 Medium |
| A vulnerability was determined in YunaiV yudao-cloud up to 2025.11. This affects the function BpmHttpCallbackTrigger/BpmSyncHttpRequestTrigger of the component Business Process Management. Executing manipulation of the argument url/header/body can lead to server-side request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-48739 | 1 Strangebee | 1 Thehive | 2026-04-15 | N/A |
| A Server-Side Request Forgery (SSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows remote authenticated attackers with admin permissions (allowing them to access specific API endpoints) to manipulate URLs to direct requests to unexpected hosts or ports. This allows the attacker to use a TheHive server as a proxy to reach internal or otherwise restricted resources. This could be exploited to access other servers on the internal network. | ||||
| CVE-2025-47293 | 2026-04-15 | N/A | ||
| PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, in certain places, powsybl-core XML parsing is vulnerable to an XML external entity (XXE) attack and to a server-side request forgery (SSRF) attack. This allows an attacker to elevate their privileges to read files that they do not have permissions to, including sensitive files on the system. The vulnerable class is com.powsybl.commons.xml.XmlReader which is considered to be untrusted in use cases where untrusted users can submit their XML to the vulnerable methods. This can be a multi-tenant application that hosts many different users perhaps with different privilege levels. This issue has been patched in com.powsybl:powsybl-commons: 6.7.2. | ||||
| CVE-2025-47184 | 1 Exagrid | 1 Ex10 | 2026-04-15 | 5.3 Medium |
| An XML external entities (XXE) injection vulnerability in the /init API endpoint in Exagid EX10 before 6.4.0 P20, 7.0.1 P12, and 7.2.0 P08 allows an authenticated, unprivileged attacker to achieve information disclosure and privilege escalation via a crafted ISys XML message. | ||||
| CVE-2025-22374 | 2026-04-15 | N/A | ||
| A Server-Side Request Forgery (SSRF) vulnerability was discovered in the videx-legacy-ssl web service of Videx’s CyberAudit-Web, affecting versions prior to 1.1.3. This vulnerability has been patched in versions after 1.1.3. Leaving this vulnerability unpatched could lead to unauthorized access to the underlying infrastructure. | ||||
| CVE-2025-2304 | 2026-04-15 | N/A | ||
| A Privilege Escalation through a Mass Assignment exists in Camaleon CMS When a user wishes to change his password, the 'updated_ajax' method of the UsersController is called. The vulnerability stems from the use of the dangerous permit! method, which allows all parameters to pass through without any filtering. | ||||
| CVE-2025-24340 | 2026-04-15 | 6.5 Medium | ||
| A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated (low-privileged) attacker to recover the plaintext passwords of other users. | ||||
| CVE-2025-25589 | 2026-04-15 | 8.1 High | ||
| An XML external entity (XXE) injection vulnerability in the component /weixin/aes/XMLParse.java of yimioa before v2024.07.04 allows attackers to execute arbitrary code via supplying a crafted XML file. | ||||
| CVE-2025-27406 | 2026-04-15 | 7.7 High | ||
| Icinga Reporting is the central component for reporting related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows to set up a template that allows to embed arbitrary Javascript. This enables the attacker to act on behalf of the user, if the template is being previewed; and act on behalf of the headless browser, if a report using the template is printed to PDF. This issue has been resolved in version 1.0.3 of Icinga Reporting. As a workaround, review all templates and remove suspicious settings. | ||||