Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2021-26086 KEV |
|
[KEV] Path Traversal in Atlassian jira-server-and-data-center (CVE-2021-26086)
path traversal in Atlassian jira-server-and-data-center (CVE-2021-26086). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-22527 KEV |
|
[KEV] Vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22527)
vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22527). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-22518 KEV |
|
[KEV] Authorization Flaw in Atlassian confluence-data-center-and-server (CVE-2023-22518)
vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22518). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-22515 KEV |
|
[KEV] Vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22515)
vulnerability in Atlassian confluence-data-center-and-server (CVE-2023-22515). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-36804 KEV |
|
[KEV] OS Command Injection in Atlassian bitbucket-server-and-data-center (CVE-2022-36804)
OS command injection in Atlassian bitbucket-server-and-data-center (CVE-2022-36804). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26138 KEV |
|
[KEV] Vulnerability in Atlassian confluence (CVE-2022-26138)
vulnerability in Atlassian confluence (CVE-2022-26138). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-26134 KEV |
|
[KEV] Vulnerability in Atlassian confluence-serverdata-center (CVE-2022-26134)
vulnerability in Atlassian confluence-serverdata-center (CVE-2022-26134). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-26085 KEV |
|
[KEV] Vulnerability in Atlassian confluence-server (CVE-2021-26085)
vulnerability in Atlassian confluence-server (CVE-2021-26085). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-11581 KEV |
|
[KEV] Vulnerability in Atlassian jira-server-and-data-center (CVE-2019-11581)
vulnerability in Atlassian jira-server-and-data-center (CVE-2019-11581). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-3398 KEV |
|
[KEV] Path Traversal in Atlassian confluence-server-and-data-center (CVE-2019-3398)
path traversal in Atlassian confluence-server-and-data-center (CVE-2019-3398). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-26084 KEV |
|
[KEV] Vulnerability in Atlassian confluence-server-and-data-center (CVE-2021-26084)
vulnerability in Atlassian confluence-server-and-data-center (CVE-2021-26084). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-11580 KEV |
|
[KEV] Vulnerability in Atlassian crowd-and-crowd-data-center (CVE-2019-11580)
vulnerability in Atlassian crowd-and-crowd-data-center (CVE-2019-11580). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-3396 KEV |
|
[KEV] Path Traversal in Atlassian confluence-server-and-data-server (CVE-2019-3396)
path traversal in Atlassian confluence-server-and-data-server (CVE-2019-3396). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-14590 |
|
Vulnerability in atlassian (CVE-2017-14590)
vulnerability in atlassian (CVE-2017-14590). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14589 |
|
Vulnerability in atlassian (CVE-2017-14589)
vulnerability in atlassian (CVE-2017-14589). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16857 |
|
Vulnerability in atlassian (CVE-2017-16857)
vulnerability in atlassian (CVE-2017-16857). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16856 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-16856)
cross-site scripting in atlassian (CVE-2017-16856). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14591 |
|
Vulnerability in atlassian (CVE-2017-14591)
vulnerability in atlassian (CVE-2017-14591). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14585 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-14585)
SSRF in ssrf (CVE-2017-14585). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14586 |
|
Buffer Overflow in atlassian (CVE-2017-14586)
vulnerability in atlassian (CVE-2017-14586). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9514 |
|
Vulnerability in atlassian (CVE-2017-9514)
vulnerability in atlassian (CVE-2017-9514). Successful exploitation can lead to full system takeover.
|
| CVE-2017-14588 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-14588)
cross-site scripting in atlassian (CVE-2017-14588). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14587 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-14587)
cross-site scripting in atlassian (CVE-2017-14587). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-6576 |
|
Code Injection in atlassian (CVE-2015-6576)
code injection in atlassian (CVE-2015-6576). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9511 |
|
Path Traversal in path-traversal (CVE-2017-9511)
path traversal in path-traversal (CVE-2017-9511). Confidential information can be exposed externally.
|
| CVE-2017-9507 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9507)
cross-site scripting in atlassian (CVE-2017-9507). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9508 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9508)
cross-site scripting in atlassian (CVE-2017-9508). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9509 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9509)
cross-site scripting in atlassian (CVE-2017-9509). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9510 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2017-9510)
cross-site scripting in atlassian (CVE-2017-9510). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9512 |
|
Information Disclosure in atlassian (CVE-2017-9512)
vulnerability in atlassian (CVE-2017-9512). Confidential information can be exposed externally.
|
| CVE-2017-9506 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-9506)
SSRF in ssrf (CVE-2017-9506). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9505 |
|
Vulnerability in atlassian (CVE-2017-9505)
vulnerability in atlassian (CVE-2017-9505). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-8907 |
|
Authorization Flaw in atlassian (CVE-2017-8907)
vulnerability in atlassian (CVE-2017-8907). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8080 |
|
Unrestricted File Upload in atlassian (CVE-2017-8080)
vulnerability in atlassian (CVE-2017-8080). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8058 |
|
Vulnerability in atlassian (CVE-2017-8058)
vulnerability in atlassian (CVE-2017-8058). Confidential information can be exposed externally.
|
| CVE-2017-8768 |
|
OS Command Injection in atlassian (CVE-2017-8768)
OS command injection in atlassian (CVE-2017-8768). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7415 |
|
Information Disclosure in atlassian (CVE-2017-7415)
vulnerability in atlassian (CVE-2017-7415). Confidential information can be exposed externally.
|
| CVE-2017-7357 |
|
Unrestricted File Upload in atlassian (CVE-2017-7357)
vulnerability in atlassian (CVE-2017-7357). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5983 |
|
Unsafe Deserialization in dos (CVE-2017-5983)
vulnerability in dos (CVE-2017-5983). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4317 |
|
Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page.
Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page.
|
| CVE-2016-4320 |
|
Path Traversal in path-traversal (CVE-2016-4320)
path traversal in path-traversal (CVE-2016-4320). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4319 |
|
Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings.
Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings.
|
| CVE-2016-4318 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2016-4318)
cross-site scripting in atlassian (CVE-2016-4318). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-6285 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2016-6285)
cross-site scripting in atlassian (CVE-2016-6285). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
|
| CVE-2016-6668 |
|
Information Disclosure in atlassian (CVE-2016-6668)
vulnerability in atlassian (CVE-2016-6668). Confidential information can be exposed externally.
|
| CVE-2016-6283 |
|
Cross-Site Scripting (XSS) in atlassian (CVE-2016-6283)
cross-site scripting in atlassian (CVE-2016-6283). Risk of unauthorized operations or information disclosure.
|