Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crowd vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2019-15005
The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to a missing authorization check. The email message may contain configuration infor...
Atlassian Troubleshooting And Support
Atlassian Jira
Atlassian Bitbucket
Atlassian Confluence
Atlassian Crowd
Atlassian Fisheye
Atlassian Crucible
Atlassian Bamboo
NA
CVE-2022-26136
A vulnerability in multiple Atlassian products allows a remote, unauthenticated malicious user to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in au...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
Atlassian Jira Service Management
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Crucible
Atlassian Fisheye
Atlassian Crowd 5.0.0
Atlassian Crowd
Atlassian Bitbucket 8.1.0
Atlassian Bitbucket 8.0.0
Atlassian Bitbucket
Atlassian Bamboo
Atlassian Jira Service Desk
1 Article
NA
CVE-2022-26137
A vulnerability in multiple Atlassian products allows a remote, unauthenticated malicious user to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with t...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
Atlassian Jira Service Management
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Crucible
Atlassian Fisheye
Atlassian Crowd 5.0.0
Atlassian Crowd
Atlassian Bitbucket 8.1.0
Atlassian Bitbucket 8.0.0
Atlassian Bitbucket
Atlassian Bamboo
Atlassian Jira Service Desk
1 Article
3.5
CVSSv2
CVE-2018-20239
Application Links before version 5.0.11, from version 5.1.0 prior to 5.2.10, from version 5.3.0 prior to 5.3.6, from version 5.4.0 prior to 5.4.12, and from version 6.0.0 prior to 6.0.4 allows remote malicious users to inject arbitrary HTML or JavaScript via a cross site scriptin...
Atlassian Application Links
Atlassian Fisheye
Atlassian Crucible
Atlassian Jira Server
Atlassian Jira Data Center
Atlassian Confluence Data Center
Atlassian Confluence Server
Atlassian Crowd
2.1
CVSSv2
CVE-2018-1000423
An insufficiently protected credentials vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and previous versions in CrowdSecurityRealm.java, CrowdConfigurationService.java that allows attackers with local file system access to obtain the credentials used to connect ...
Atlassian Crowd2
4
CVSSv2
CVE-2018-1000422
An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and previous versions in CrowdSecurityRealm.java that allows malicious users to have Jenkins perform a connection test, connecting to an attacker-specified server with attacker-specified cr...
Atlassian Crowd2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3