Atlassian vulnerabilities
399 results

CVE | Severity | Description | EPSS
CVE-2017-18080 | — | The saveConfigureSecurity resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify security settings via a Cross- | EPSS 0.5%
CVE-2018-13398 | — | The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-com | EPSS 0.5%
CVE-2022-36800 | MEDIUM | Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission t | EPSS 0.5%
CVE-2021-39124 | — | The Cross-Site Request Forgery (CSRF) failure retry feature of Atlassian Jira Server and Data Center before version 8.16.0 allows remote att | EPSS 0.5%
CVE-2026-21570 | HIGH | This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0 | EPSS 0.5%
CVE-2021-26071 | — | The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from | EPSS 0.5%
CVE-2019-20406 | — | The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, and from version 7.1.0 before version 7.1. | EPSS 0.5%
CVE-2024-21678 | HIGH | This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center. This Stored XSS vulnerability, wit | EPSS 0.5%
CVE-2021-43953 | — | Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Contention and CPU mo | EPSS 0.5%
CVE-2018-13390 | — | Unauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 before version 0.1.24 allows attackers on the same subne | EPSS 0.5%
CVE-2025-22166 | HIGH | This High severity DoS (Denial of Service) vulnerability was introduced in version 2.0 of Confluence Data Center. This DoS (Denial of Ser | EPSS 0.5%
CVE-2017-18107 | — | Various resources in the Crowd Demo application of Atlassian Crowd before version 3.1.1 allow remote attackers to modify add, modify and del | EPSS 0.4%
CVE-2024-21685 | HIGH | This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. | EPSS 0.4%
CVE-2025-22157 | HIGH | This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions: 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core | EPSS 0.4%
CVE-2025-22167 | HIGH | This High severity Path Traversal (Arbitrary Write) vulnerability was introduced in versions: 9.12.0, 10.3.0 and remain present in 11.0.0 of | EPSS 0.4%
CVE-2021-43943 | — | Affected versions of Atlassian Jira Service Management Server and Data Center allow attackers with administrator privileges to inject arbitr | EPSS 0.4%
CVE-2021-43952 | — | Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to restore the default configuration of fi | EPSS 0.4%
CVE-2023-22514 | HIGH | This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.14 of Sourcetree for Mac and Sourcetree for Windo | EPSS 0.4%
CVE-2019-20400 | — | The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global pat | EPSS 0.4%
CVE-2020-4019 | — | The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different ex | EPSS 0.4%