Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF.
Loftware Spectrum before 5.1 allows SSRF.
Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function.
Loftware Spectrum through 4.6 has unprotected JMX Registry.
Loftware Spectrum before 4.6 HF14 allows authenticated XXE attacks.
Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password.
Oxide control plane software before 5 allows SSRF.
Loftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor.
Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF.
Akamai CloudTest before 60 2025.06.09 (12989) allows SSRF.
In JetBrains TeamCity before 2026.1,
2025.11.5 unauthenticated SSRF via build status was possible
SugarCRM before 13.0.4 and 14.x before 14.0.1 allows SSRF in the API module because a limited type of code injection can occur.
Memory corruption while processing the TESTPATTERNCONFIG escape path.
Crafted Binder Request Causes Heap UAF in MediaServer
Northern.tech Hosted Mender before 2024.07.11 allows SSRF.
Memory corruption during concurrent SSR execution due to race condition on the global maps list.
Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.
Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API.
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware vers
DevExpress before 23.1.3 allows AsyncDownloader SSRF.
Page 1+ Next →