Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitbucket vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2023-50931
An issue exists in savignano S/Notify prior to 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or ...
Savignano S\\/notify
NA
CVE-2024-23734
Cross Site Request Forgery vulnerability in in the upload functionality of the User Profile pages in savignano S/Notify prior to 2.0.1 for Bitbucket allow malicious users to replace S/MIME certificate or PGP keys for arbitrary users via crafted link.
5.4
CVSSv3
CVE-2023-36662
The TechTime User Management components for Atlassian products allow stored XSS on the Bulk User Actions page. This affects User Management for Jira 2.0.0 up to and including 2.17.1, User Management for Confluence 2.0.0 up to and including 2.15.24, and User Management for Bitbuck...
Techtime User Management
7.5
CVSSv3
CVE-2016-6668
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 prior to 6.27.5, 6.28.0 prior to 7.3.7, and 7.4.0 prior to 7.8.17; Confluence HipChat plugin 6.26.0 prior to 7.8.17; and HipChat for JIRA plugin 6.26.0 prior to 7.8.17 allows remote malicious users to obtain the...
Atlassian Confluence Server 5.5.0
Atlassian Confluence Server 5.9.6
Atlassian Confluence Server 5.9.5
Atlassian Confluence Server 5.9.8
Atlassian Confluence Server 5.9.7
Atlassian Confluence Server 5.9.2
Atlassian Confluence Server 5.9.1
Atlassian Confluence Server 5.9.4
Atlassian Confluence Server 5.9.3
Atlassian Confluence Server 5.10.1
Atlassian Confluence Server 5.9.10
Atlassian Confluence Server 5.9.11
Atlassian Confluence Server 5.9.12
Atlassian Confluence Server 5.10.0
Atlassian Confluence Server 5.10.2
Atlassian Confluence Server 5.9.9
Atlassian Confluence Server 5.10.3
Atlassian Jira Integration For Hipchat 7.4.1
Atlassian Jira Integration For Hipchat 7.3.3
Atlassian Jira Integration For Hipchat 6.26.0
Atlassian Jira Integration For Hipchat 7.1.0
Atlassian Jira Integration For Hipchat 6.26.10
7.5
CVSSv3
CVE-2019-6788
An issue exists in GitLab Community and Enterprise Edition prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. It allows Information Disclosure (issue 3 of 6). For installations using GitHub or Bitbucket OAuth integrations, it is possible to use a covert redirect...
Gitlab Gitlab
2 Github repositories
9.8
CVSSv3
CVE-2021-37843
The resolution SAML SSO apps for Atlassian products allow a remote malicious user to login to a user account when only the username is known (i.e., no other authentication is provided). The fixed versions are for Jira: 3.6.6.1, 4.0.12, 5.0.5; for Confluence 3.6.6, 4.0.12, 5.0.5; ...
Atlassian Saml Single Sign On
6.1
CVSSv3
CVE-2023-52240
The Kantega SAML SSO OIDC Kerberos Single Sign-on apps prior to 6.20.0 for Atlassian products allow XSS if SAML POST Binding is enabled. This affects 4.4.2 up to and including 4.14.8 prior to 4.14.9, 5.0.0 up to and including 5.11.4 prior to 5.11.5, and 6.0.0 up to and including ...
Kantega-sso Kantega Saml Sso Oidc Kerberos Single Sign-on
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5