Vulnerabilities in Atlassian
399 results

CVE-2019-3401 | — | The ManageFilters.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to enumera | EPSS 12.7%
CVE-2019-3394 | — | There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permiss | EPSS 11.4%
CVE-2019-15001 | — | The Jira Importers Plugin in Atlassian Jira Server and Data Center from version 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0 | EPSS 11.4%
CVE-2023-22523 | CRITICAL | This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Execution) on machines with the Assets Discovery | EPSS 11.1%
CVE-2020-36287 | — | The dashboard gadgets preference resource of the Atlassian gadgets plugin used in Jira Server and Jira Data Center before version 8.13.5, an | EPSS 9.0%
CVE-2019-3402 | — | The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to | EPSS 8.9%
CVE-2019-15000 | — | The commit diff rest endpoint in Bitbucket Server and Data Center before 5.16.10 (the fixed version for 5.16.x), from 6.0.0 before 6.0.10 ( | EPSS 7.8%
CVE-2018-20235 | — | There was an argument injection vulnerability in Atlassian Sourcetree for Windows from version 0.5a before version 3.0.15 via filenames in M | EPSS 6.8%
CVE-2019-3395 | — | The WebDAV endpoint in Atlassian Confluence Server and Data Center before version 6.6.7 (the fixed version for 6.6.x), from version 6.7.0 be | EPSS 6.7%
CVE-2018-20236 | — | There was a command injection vulnerability in Sourcetree for Windows from version 0.5a before version 3.0.10 via URI handling. A remote at | EPSS 6.4%
CVE-2018-20234 | — | There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2 before version 3.1.1 via filenames in Mercu | EPSS 6.0%
CVE-2017-14593 | — | Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission | EPSS 5.5%
CVE-2017-14592 | — | Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission t | EPSS 5.5%
CVE-2019-14994 | — | The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version 3.9.16, from version 3.10 | EPSS 5.1%
CVE-2019-3397 | — | Atlassian Bitbucket Data Center licensed instances starting with version 5.13.0 before 5.13.6 (the fixed version for 5.13.x), from 5.14.0 be | EPSS 5.1%
CVE-2019-11582 | — | An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attack | EPSS 4.9%
CVE-2021-39115 | HIGH | Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to ex | EPSS 4.5%
CVE-2017-14585 | — | A Server Side Request Forgery (SSRF) vulnerability could lead to remote code execution for authenticated administrators. This issue was intr | EPSS 4.4%
CVE-2022-26136 | CRITICAL | A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third p | EPSS 4.2%
CVE-2021-43947 | HIGH | Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code vi | EPSS 4.1%