Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2017-18094
Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allow remote attackers with administrative privileges to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the base path setti...
Atlassian Fisheye 4.5.0
Atlassian Fisheye
Atlassian Crucible 4.5.0
Atlassian Crucible
9
CVSSv3
CVE-2017-14591
Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to argument injection through filenames in Mercurial repositories, allowing malicious users to execute arbitrary code on a system running the impacted software.
Atlassian Fisheye
Atlassian Crucible 4.5.0
Atlassian Crucible
Atlassian Fisheye 4.5.0
7.5
CVSSv3
CVE-2016-6668
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 prior to 6.27.5, 6.28.0 prior to 7.3.7, and 7.4.0 prior to 7.8.17; Confluence HipChat plugin 6.26.0 prior to 7.8.17; and HipChat for JIRA plugin 6.26.0 prior to 7.8.17 allows remote malicious users to obtain the...
Atlassian Confluence Server 5.5.0
Atlassian Confluence Server 5.9.6
Atlassian Confluence Server 5.9.5
Atlassian Confluence Server 5.9.8
Atlassian Confluence Server 5.9.7
Atlassian Confluence Server 5.9.2
Atlassian Confluence Server 5.9.1
Atlassian Confluence Server 5.9.4
Atlassian Confluence Server 5.9.3
Atlassian Confluence Server 5.10.1
Atlassian Confluence Server 5.9.10
Atlassian Confluence Server 5.9.11
Atlassian Confluence Server 5.9.12
Atlassian Confluence Server 5.10.0
Atlassian Confluence Server 5.10.2
Atlassian Confluence Server 5.9.9
Atlassian Confluence Server 5.10.3
Atlassian Jira Integration For Hipchat 7.4.1
Atlassian Jira Integration For Hipchat 7.3.3
Atlassian Jira Integration For Hipchat 6.26.0
Atlassian Jira Integration For Hipchat 7.1.0
Atlassian Jira Integration For Hipchat 6.26.10
NA
CVE-2014-2314
Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA prior to 6.0.4 allows remote malicious users to create arbitrary files via unspecified vectors.
Atlassian Jira 6.0
Atlassian Jira 6.0.2
Atlassian Jira
Atlassian Jira 6.0.1
1 EDB exploit
9.8
CVSSv3
CVE-2016-5229
Atlassian Bamboo prior to 5.11.4.1 and 5.12.x prior to 5.12.3.1 does not properly restrict permitted deserialized classes, which allows remote malicious users to execute arbitrary code via vectors related to XStream Serialization.
Atlassian Bamboo 5.12.2
Atlassian Bamboo 5.12.1
Atlassian Bamboo 5.12.0
Atlassian Bamboo
7.5
CVSSv3
CVE-2017-7415
Atlassian Confluence 6.x prior to 6.0.7 allows remote malicious users to bypass authentication and read any blog or page via the drafts diff REST resource.
Atlassian Confluence Server 6.0.1
Atlassian Confluence Server 6.0.3
Atlassian Confluence Server 6.0.4
Atlassian Confluence Server 6.0.5
Atlassian Confluence Server 6.0.6
Atlassian Confluence Server 6.0.2
Atlassian Confluence Server 6.0.0
5.3
CVSSv3
CVE-2019-20101
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to view whitelist rules via a Broken Access Control vulnerability in the /rest/whitelist/<version>/check endpoint. The affected versions are before version 8.13.3, and from ver...
Atlassian Data Center 8
Atlassian Data Center
Atlassian Jira 8
Atlassian Jira
4.8
CVSSv3
CVE-2020-36234
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view. The affected versions are before version 8.5.11, from version 8.6.0 prior to 8....
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
5.3
CVSSv3
CVE-2020-36238
The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous malicious users to determine if a username is valid or not via a missing permiss...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Data Center
5.3
CVSSv3
CVE-2020-36287
The dashboard gadgets preference resource of the Atlassian gadgets plugin used in Jira Server and Jira Data Center before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous malicious users to obtain gadget related settings via a missing permissi...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Data Center
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »