Vulnerabilities in Atlassian

399 results
CVE-2024-21674 (HIGH)
This High severity Remote Code Execution (RCE) vulnerability was introduced in version 7.13.0 of Confluence Data Center and Server. Remote
EPSS 1.8%

CVE-2018-20237
Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word expor
EPSS 1.7%

CVE-2019-15003
The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before 3.16.1
EPSS 1.7%

CVE-2020-14168
The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 before 8.5.7, from 8.8.0 before 8.8.2, and from 8.9.0 bef
EPSS 1.7%

CVE-2018-13392
Several resources in Atlassian Fisheye and Crucible before version 4.6.0 allow remote attackers to inject arbitrary HTML or JavaScript via a
EPSS 1.7%

CVE-2020-4020
The file downloading functionality in the Atlassian Companion App before version 1.0.0 allows remote attackers, who control a Confluence Ser
EPSS 1.7%

CVE-2021-39109 (HIGH)
The renderWidgetResource resource in Atlassian Atlasboard before version 1.1.9 allows remote attackers to read arbitrary files via a path tra
EPSS 1.7%

CVE-2017-18111
The OAuthHelper in Atlassian Application Links before version 5.0.10, from version 5.1.0 before version 5.1.3, and from version 5.2.0 before
EPSS 1.7%

CVE-2021-39114 (HIGH)
Affected versions of Atlassian Confluence Server and Data Center allow users with a valid account on a Confluence Data Center instance to ex
EPSS 1.7%

CVE-2017-8907 (HIGH)
Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not correctly check if a user creating a deployment project had the edit permiss
EPSS 1.6%

CVE-2021-41307 (HIGH)
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to view the names of private projects and
EPSS 1.6%

CVE-2021-26075
The Jira importers plugin AttachTemporaryFile rest resource in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before
EPSS 1.6%

CVE-2017-18104
The Webhooks component of Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.11.0 allows remote attackers who are a
EPSS 1.6%

CVE-2019-15012
Bitbucket Server and Bitbucket Data Center from version 4.13. before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.
EPSS 1.6%

CVE-2018-13386
There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. An attacker with permission
EPSS 1.6%

CVE-2020-36238
The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from v
EPSS 1.6%

CVE-2021-41306 (HIGH)
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view private project and filter names via an
EPSS 1.6%

CVE-2023-22526 (HIGH)
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 7.19.0 of Confluence Data Center. This RCE (Remote
EPSS 1.6%

CVE-2021-39123 (HIGH)
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to impact the application's availability v
EPSS 1.5%

CVE-2020-36288
The issue navigation and search view in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and fro
EPSS 1.5%