• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-918

CVE-2020-15879

February 26, 2023 by

Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8, and 169.254.0.0/16).

CVE-2020-15809

February 26, 2023 by

spxmanage on certain SpinetiX devices allows requests that access unintended resources because of SSRF and Path Traversal. This affects HMP350, HMP300, and DiVA through 4.5.2-1.0.36229; HMP400 and HMP400W through 4.5.2-1.0.2-1eb2ffbd; and DSOS through 4.5.2-1.0.2-1eb2ffbd.

CVE-2020-15819

February 26, 2023 by

JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.

CVE-2020-15822

February 26, 2023 by

In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.

CVE-2020-15823

February 26, 2023 by

JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.

CVE-2020-15772

February 26, 2023 by

An issue was discovered in Gradle Enterprise 2018.5 – 2020.2.4. When configuring Gradle Enterprise to integrate with a SAML identity provider, an XML metadata file can be uploaded by an administrator. The server side processing of this file dereferences XML External Entities (XXE), allowing a remote attacker with administrative access to perform server side request forgery.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 31
  • Go to page 32
  • Go to page 33
  • Go to page 34
  • Go to page 35
  • Interim pages omitted …
  • Go to page 114
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE