Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian vulnerabilities and exploits
(subscribe to this query)
9
CVSSv3
CVE-2017-14591
Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to argument injection through filenames in Mercurial repositories, allowing malicious users to execute arbitrary code on a system running the impacted software.
Atlassian Fisheye
Atlassian Crucible 4.5.0
Atlassian Crucible
Atlassian Fisheye 4.5.0
5.4
CVSSv3
CVE-2017-18034
The source browse resource in Atlassian Fisheye and Crucible before version 4.5.1 and 4.6.0 allows allows remote attackers that have write access to an indexed repository to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in via a specially craf...
Atlassian Crucible
Atlassian Fisheye 4.6.0
Atlassian Fisheye
Atlassian Crucible 4.6.0
NA
CVE-2014-2314
Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA prior to 6.0.4 allows remote malicious users to create arbitrary files via unspecified vectors.
Atlassian Jira 6.0
Atlassian Jira 6.0.2
Atlassian Jira
Atlassian Jira 6.0.1
1 EDB exploit
9.8
CVSSv3
CVE-2016-5229
Atlassian Bamboo prior to 5.11.4.1 and 5.12.x prior to 5.12.3.1 does not properly restrict permitted deserialized classes, which allows remote malicious users to execute arbitrary code via vectors related to XStream Serialization.
Atlassian Bamboo 5.12.2
Atlassian Bamboo 5.12.1
Atlassian Bamboo 5.12.0
Atlassian Bamboo
7.5
CVSSv3
CVE-2016-6668
The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 prior to 6.27.5, 6.28.0 prior to 7.3.7, and 7.4.0 prior to 7.8.17; Confluence HipChat plugin 6.26.0 prior to 7.8.17; and HipChat for JIRA plugin 6.26.0 prior to 7.8.17 allows remote malicious users to obtain the...
Atlassian Confluence Server 5.5.0
Atlassian Confluence Server 5.9.6
Atlassian Confluence Server 5.9.5
Atlassian Confluence Server 5.9.8
Atlassian Confluence Server 5.9.7
Atlassian Confluence Server 5.9.2
Atlassian Confluence Server 5.9.1
Atlassian Confluence Server 5.9.4
Atlassian Confluence Server 5.9.3
Atlassian Confluence Server 5.10.1
Atlassian Confluence Server 5.9.10
Atlassian Confluence Server 5.9.11
Atlassian Confluence Server 5.9.12
Atlassian Confluence Server 5.10.0
Atlassian Confluence Server 5.10.2
Atlassian Confluence Server 5.9.9
Atlassian Confluence Server 5.10.3
Atlassian Jira Integration For Hipchat 7.4.1
Atlassian Jira Integration For Hipchat 7.3.3
Atlassian Jira Integration For Hipchat 6.26.0
Atlassian Jira Integration For Hipchat 7.1.0
Atlassian Jira Integration For Hipchat 6.26.10
7.5
CVSSv3
CVE-2017-7415
Atlassian Confluence 6.x prior to 6.0.7 allows remote malicious users to bypass authentication and read any blog or page via the drafts diff REST resource.
Atlassian Confluence Server 6.0.1
Atlassian Confluence Server 6.0.3
Atlassian Confluence Server 6.0.4
Atlassian Confluence Server 6.0.5
Atlassian Confluence Server 6.0.6
Atlassian Confluence Server 6.0.2
Atlassian Confluence Server 6.0.0
4.8
CVSSv3
CVE-2020-36234
Affected versions of Atlassian Jira Server and Data Center allow remote malicious users to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in the Screens Modal view. The affected versions are before version 8.5.11, from version 8.6.0 prior to 8....
Atlassian Data Center
Atlassian Jira Data Center
Atlassian Jira
Atlassian Jira Server
5.3
CVSSv3
CVE-2020-36238
The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous malicious users to determine if a username is valid or not via a missing permiss...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Data Center
5.3
CVSSv3
CVE-2020-36289
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 pr...
Atlassian Data Center
Atlassian Jira
Atlassian Jira Server
Atlassian Jira Data Center
5.3
CVSSv3
CVE-2019-20101
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote malicious users to view whitelist rules via a Broken Access Control vulnerability in the /rest/whitelist/<version>/check endpoint. The affected versions are before version 8.13.3, and from ver...
Atlassian Data Center 8
Atlassian Data Center
Atlassian Jira 8
Atlassian Jira
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »