Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
confluence vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2019-3398
Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a...
Atlassian Confluence
Atlassian Confluence Server
1 Github repository
10
CVSSv2
CVE-2019-3396
The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 prior to 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 prior to 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 prior to 6...
Atlassian Confluence
Atlassian Confluence Server
1 EDB exploit
19 Github repositories
1 Article
7.5
CVSSv2
CVE-2019-3395
The WebDAV endpoint in Atlassian Confluence Server and Data Center before version 6.6.7 (the fixed version for 6.6.x), from version 6.7.0 prior to 6.8.5 (the fixed version for 6.8.x), and from version 6.9.0 prior to 6.9.3 (the fixed version for 6.9.x) allows remote malicious user...
Atlassian Confluence Server
Atlassian Confluence
4
CVSSv2
CVE-2018-20237
Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.
Atlassian Confluence Server
Atlassian Confluence Data Center
5
CVSSv2
CVE-2018-18289
The MESILAT Zabbix plugin prior to 1.1.15 for Atlassian Confluence allows malicious users to read arbitrary files.
Mesilat Zabbix
4.3
CVSSv2
CVE-2018-13394
The acceptAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote malicious users to modify a comment into an answer via a Cross-site request forg...
Atlassian Questions For Confluence
4.3
CVSSv2
CVE-2018-13393
The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote malicious users to modify a comment into an answer via a Cross-site re...
Atlassian Questions For Confluence
4
CVSSv2
CVE-2018-1999039
A server-side request forgery vulnerability exists in Jenkins Confluence Publisher Plugin 2.0.1 and previous versions in ConfluenceSite.java that allows malicious users to have Jenkins submit login requests to an attacker-specified Confluence server URL with attacker specified cr...
Jenkins Confluence Publisher
4.3
CVSSv2
CVE-2018-13389
The attachment resource in Atlassian Confluence before version 6.6.1 allows remote malicious users to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml.
Atlassian Confluence
5
CVSSv2
CVE-2018-8012
No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper prior to 3.4.10, and 3.5.0-alpha up to and including 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the lead...
Apache Zookeeper 3.5.3
Apache Zookeeper 3.5.0
Apache Zookeeper
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Goldengate Stream Analytics
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »