Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jira vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2017-5983
The JIRA Workflow Designer Plugin in Atlassian JIRA Server prior to 6.3.0 improperly uses an XML parser and deserializer, which allows remote malicious users to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object.
Atlassian Jira 4.2.4
Atlassian Jira 4.3
Atlassian Jira 4.3.1
Atlassian Jira 4.3.2
Atlassian Jira 4.3.3
Atlassian Jira 4.3.4
Atlassian Jira 4.4
Atlassian Jira 4.4.1
Atlassian Jira 4.4.2
Atlassian Jira 4.4.3
Atlassian Jira 4.4.4
Atlassian Jira 4.4.5
530
VMScore
CVE-2010-1164
Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA 3.12 up to and including 4.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) element or (2) defaultColor parameter to the Colour Picker page; the (3) formName parameter, (4) elem...
Atlassian Jira 3.12
Atlassian Jira 3.12.1
Atlassian Jira 3.12.2
Atlassian Jira 3.12.3
Atlassian Jira 3.13
Atlassian Jira 3.13.1
Atlassian Jira 3.13.2
Atlassian Jira 3.13.3
Atlassian Jira 3.13.4
Atlassian Jira 3.13.5
Atlassian Jira 4.0
Atlassian Jira 4.0.1
1 Github repository
1000
VMScore
CVE-2010-1165
Atlassian JIRA 3.12 up to and including 4.1 allows remote authenticated administrators to execute arbitrary code by modifying the (1) attachment (aka attachments), (2) index (aka indexing), or (3) backup path and then uploading a file, as exploited in the wild in April 2010.
Atlassian Jira 3.12
Atlassian Jira 3.12.1
Atlassian Jira 3.12.2
Atlassian Jira 3.12.3
Atlassian Jira 3.13
Atlassian Jira 3.13.1
Atlassian Jira 3.13.2
Atlassian Jira 3.13.3
Atlassian Jira 3.13.4
Atlassian Jira 3.13.5
Atlassian Jira 4.0
Atlassian Jira 4.0.1
530
VMScore
CVE-2014-2313
Directory traversal vulnerability in the Importers plugin in Atlassian JIRA prior to 6.0.5 allows remote malicious users to create arbitrary files via unspecified vectors.
Atlassian Jira
Atlassian Jira 6.0
Atlassian Jira 6.0.1
Atlassian Jira 6.0.2
Atlassian Jira 6.0.3
530
VMScore
CVE-2013-5319
Cross-site scripting (XSS) vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA prior to 6.0.5 allows remote malicious users to inject arbitrary web script or HTML via the name parameter to secure/admin/user/DeleteUser!default.jspa.
Atlassian Jira
Atlassian Jira 6.0
Atlassian Jira 6.0.1
Atlassian Jira 6.0.2
Atlassian Jira 6.0.3
530
VMScore
CVE-2014-2314
Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA prior to 6.0.4 allows remote malicious users to create arbitrary files via unspecified vectors.
Atlassian Jira
Atlassian Jira 6.0
Atlassian Jira 6.0.1
Atlassian Jira 6.0.2
1 EDB exploit
530
VMScore
CVE-2020-36231
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to view the metadata of boards they should not have access to via an Insecure Direct Object References (IDOR) vulnerability. The affected versions are before version 8.5.10, and from version 8...
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Data Center 8.13.3
Atlassian Jira Server
Atlassian Jira Server 8.13.3
Atlassian Jira Software Data Center
530
VMScore
CVE-2019-20106
Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before version 8.6.1 allows remote malicious users to make comments on a ticket to which they do not have commenting permissions via a broken access cont...
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Data Center 8.6.0
Atlassian Jira Server
Atlassian Jira Server 8.6.0
Atlassian Jira Software Data Center
530
VMScore
CVE-2020-14174
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to view titles of a private project via an Insecure Direct Object References (IDOR) vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from...
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Data Center 8.10.0
Atlassian Jira Server
Atlassian Jira Server 8.10.0
Atlassian Jira Software Data Center
690
VMScore
CVE-2020-14168
The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 prior to 8.5.7, from 8.8.0 prior to 8.8.2, and from 8.9.0 prior to 8.9.1 allows remote malicious users to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (M...
Atlassian Jira
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Jira Software Data Center
Preferred Score:
VMScore
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
path traversal
CVE-2025-2657
CVE-2025-30066
CVE-2025-24813
apache commons vfs
CVE-2025-2478
validation
CVE-2025-2674
code injection
medical card generation system
microsoft edge (chromium-based)
CVE-2025-2688
cicadascms
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »
Vulmon