Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
jira vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-20405
The JMX monitoring flag in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to turn the JMX monitoring flag off or on via a Cross-site request forgery (CSRF) vulnerability....
Atlassian
Jira
4
CVSSv2
CVE-2019-20402
Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without requiring the user to re-enter their password via an improper authorization vulnerability....
Atlassian
Jira
9
CVSSv2
CVE-2010-1165
Atlassian JIRA 3.12 through 4.1 allows remote authenticated administrators to execute arbitrary code by modifying the (1) attachment (aka attachments), (2) index (aka indexing), or (3) backup path and then uploading a file, as exploited in the wild in April 2010....
Atlassian
Jira
5
CVSSv2
CVE-2018-13391
The ProfileLinkUserFormat component of Jira Server before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and from version 7.11.0 before version...
Atlassian
Jira
4
CVSSv2
CVE-2019-11583
The issue searching component in Jira before version 8.1.0 allows remote attackers to deny access to Jira service via denial of service vulnerability in issue search when ordering by "Epic Name"....
Atlassian
Jira
4.3
CVSSv2
CVE-2017-16862
The IncomingMailServers resource in Atlassian Jira before version 7.6.2 allows remote attackers to modify the "incoming mail" whitelist setting via a Cross-site request forgery (CSRF) vulnerability....
Atlassian
Jira
6.8
CVSSv2
CVE-2019-20098
The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the...
Atlassian
Jira
6.8
CVSSv2
CVE-2019-20099
The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the...
Atlassian
Jira
6.4
CVSSv2
CVE-2017-18101
Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote attackers to run import operations...
Atlassian
Jira
7.5
CVSSv2
CVE-2017-5983
The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML parser and deserializer, which allows remote attackers to execute arbitrary code, read arbitrary files, or cause a denial of service via a crafted serialized Java object....
Atlassian
Jira
1 Article available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-0674
arbitrary
CVE-2018-21060
CVE-2020-1624
CVE-2020-1991
local file inclusion
CVE-2020-10621
wireless
CVE-2020-6819
google
android
« PREV
1
2
3
4
5
6
7
NEXT »
Vulmon