657 matches found
Atlassian Confluence <5.8.17 - Information Disclosure
Atlassian Confluence before 5.8.17 contains an information disclsoure vulnerability. A remote authenticated user can read configuration files via the decoratorName parameter to 1 spaces/viewdefaultdecorator.action or 2 admin/viewdefaultdecorator.action. id: CVE-2015-8399 info: name: Atlassian...
PT-2026-49655
Name of the Vulnerable Software and Affected Versions syracom AG Secure Login 2FA for Atlassian Jira, Confluence, and Bitbucket versions 3.4.0.x Description An authentication bypass exists where an attacker with valid user credentials can circumvent the two-factor authentication 2FA flow. By...
PT-2026-45412
🔒 CyberSecurity CVE-2026-37890: Atlassian Confluence OGNL Injection — Detection and Emergency P… "Critical OGNL injection flaw CVE-2026-37890 in Atlassian Confluence…" 🔗 https://t.co/RLZcRST2d3 CyberSecurity ThreatIntel penetrationtesting redteam offensivesecurity...
EUVD-2026-10810
MCP Atlassian has an arbitrary file write leading to arbitrary code execution via unconstrained downloadpath in confluencedownloadattachment...
CVE-2026-27825 MCP Atlassian has an arbitrary file write leading to arbitrary code execution via unconstrained download_path in confluence_download_attachment
MCP Atlassian is a Model Context Protocol MCP server for Atlassian products Confluence and Jira. Prior to version 0.17.0, the confluencedownloadattachment MCP tool accepts a downloadpath parameter that is written to without any directory boundary enforcement. An attacker who can call this tool an...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
CVE Docker Lab A collection of Docker-based reproduction envi...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
CVE-2022-26134 - Atlassian Confluence OGNL RCE This script is...
Atlassian Confluence 9.0.0 < 9.2.14 / 9.2.15 / 9.3.1 < 10.2.3 / 10.2.6 (CONFSERVER-102186)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-102186 advisory. - Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of...
Atlassian Confluence < 8.5.18 / 8.6.x < 9.2.1 / 9.3.x < 9.3.1 / 9.4.x < 9.5.4 / 10.0.x < 10.0.2 / 10.1.0 (CONFSERVER-101486)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101486 advisory. - decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS. CVE-2022-38900 Note that Nessus has not tested for this...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
╔═══════════════════════════════════════════════════════════...
Exploit for Improper Input Validation in Atlassian Confluence_Data_Center
LetsDefend-SOC235-Atlassian-Confluence-Broken-Access-Control-0...
EUVD-2017-9222
Malware in sbrugna...
EUVD-2017-18437
Malware in sbrugna...
EUVD-2018-10023
Malware in sbrugna...
EUVD-2020-25292
Malware in sbrugna...
EUVD-2018-5333
Malware in sbrugna...
EUVD-2018-5337
Malware in sbrugna...
EUVD-2005-3962
Malware in sbrugna...
EUVD-2017-16439
Malware in sbrugna...
EUVD-2017-8030
Malware in sbrugna...