Lucene search
K

517 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

Atlassian Confluence 9.2.8 < 9.2.11 (CONFSERVER-101842)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101842 advisory. - pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding...

8.2CVSS5.6AI score0.00461EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.x < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101573)

The version of Atlassian Confluence Server running on the remote host is affected by a denial of service vulnerability as referenced in the CONFSERVER-101573 advisory. - A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack...

7.5CVSS8.3AI score0.0204EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.x < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101575)

The version of Atlassian Confluence Server running on the remote host is affected by a denial of service vulnerability as referenced in the CONFSERVER-101575 advisory. - A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack...

7.5CVSS8.3AI score0.02029EPSS
Exploits1References2
Atlassian
Atlassian
added 2026/01/14 6:28 p.m.19 views

File Inclusion tar-fs Dependency in Confluence Data Center and Server

This High severity File Inclusion vulnerability known as CVE-2025-59343 was introduced in version 7.19 of Confluence Data Center and Server. This File Inclusion vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N allows an...

8.7CVSS5.6AI score0.00516EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.1 < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101574)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101574 advisory. - Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This...

9.8CVSS8AI score0.02601EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

Atlassian Confluence 7.19.0 < 8.5.20 / 8.6.x < 9.2.6 / 9.3.x < 9.3.1 / 9.4.0 / 9.5.x < 9.5.2 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101489)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101489 advisory. - The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and...

8.1CVSS6.8AI score0.08279EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.6 views

Atlassian Confluence 7.19.0 < 8.5.10 / 8.6.x < 9.2.5 / 9.3.x < 9.3.1 / 9.4.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101478)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101478 advisory. - An Improper Link Resolution Before File Access Link Following and Improper Limitation of a Pathname to a Restricted Directory Path Traversal. Thi...

7.5CVSS6.4AI score0.02186EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2026/01/09 8:35 a.m.7 views

CVE-2020-24897

The Table Filter and Charts for Confluence Server app before 5.3.25 for Atlassian Confluence allow remote attackers to inject arbitrary HTML or JavaScript via cross site scripting XSS through the provided Markdown markup to the "Table from CSV" macro...

8.9CVSS6AI score0.00935EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.6 views

Atlassian Confluence < 8.5.10 / 9.2.x < 9.2.5 / 9.3.x < 9.3.1 / 9.4.x < 9.5.1 / 10.0.x < 10.0.2 (CONFSERVER-101477)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101477 advisory. - ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold...

7.5CVSS6.7AI score0.01357EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.3 views

Atlassian Confluence < 9.2.6 / 9.3.x < 9.4.0 / < 9.4.0 / 9.5.x < 9.5.2 / 10.0.x < 10.0.2 / 10.1.0 (CONFSERVER-101488)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101488 advisory. - The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses such as 0x7f.1 are improperly categorized as globally routable...

9.8CVSS6.8AI score0.01613EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.5 views

Atlassian Confluence < 8.5.17 / 8.6.x < 9.2.6 / 9.3.1 < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 (CONFSERVER-101480)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101480 advisory. - path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be...

7.5CVSS6.6AI score0.00932EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.9 views

Atlassian Confluence < 8.5.31 / 8.6.x < 9.2.13 / 9.3.x < 10.2.2 (CONFSERVER-101788)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101788 advisory. - Critical XXE in Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1 and tika-parsers 1.13-1.28.5 modules on all platforms allows an...

9.8CVSS7.8AI score0.79807EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.4 views

Atlassian Confluence 10.1.x< 10.1.1 (CONFSERVER-101485)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101485 advisory. - The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized...

7.5CVSS7.9AI score0.0046EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.4 views

Atlassian Confluence < 8.5.10 / 8.6.x < 9.2.5 / 9.3.x < 9.3.1 / 9.4.x < 9.5.1 / 10.0.x < 10.0.2 (CONFSERVER-101479)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101479 advisory. - tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.0.9, 2.1.3, and 1.16.5 have an issue where an extract can write outside t...

8.7CVSS6.4AI score0.00474EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/06 12:0 a.m.4 views

Atlassian Confluence < 8.5.18 / 8.6.x < 9.2.1 / 9.3.x < 9.3.1 / 9.4.x < 9.5.4 / 10.0.x < 10.0.2 / 10.1.0 (CONFSERVER-101486)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101486 advisory. - decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS. CVE-2022-38900 Note that Nessus has not tested for this...

7.5CVSS6.8AI score0.24928EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/06 12:0 a.m.3 views

Atlassian Confluence < 8.5.17 / 8.6.x < 9.2.1 / 9.3.x < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 XSS (CONFSERVER-101487)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101487 advisory. - JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand e.g. for config files. The parse metho...

8.8CVSS7.2AI score0.09304EPSS
Exploits1References2
Atlassian
Atlassian
added 2025/12/18 9:27 p.m.21 views

XXE (XML External Entity Injection) org.apache.tika:tika-core Dependency in Confluence Data Center and Server

This High severity XXE XML External Entity Injection vulnerability was introduced in versions 7.7.0 of Confluence Data Center and Server. This XXE XML External Entity Injection vulnerability, with a CVSS Score of 8.4 and a CVSS Vector of CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H allows an...

9.8CVSS5.6AI score0.02962EPSS
Exploits4
Atlassian
Atlassian
added 2025/12/18 7:28 a.m.21 views

XXE (XML External Entity Injection) in Confluence Data Center and Server

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity XXE XML External Entity Injection vulnerability was introduced in versions 9.2.8 and 10.2.0 of Confluence Data Center a...

9.8CVSS5.7AI score0.79807EPSS
Exploits6
Atlassian
Atlassian
added 2025/12/12 7:28 a.m.18 views

MITM (Man-in-the-Middle) org.postgresql:postgresql Dependency in Confluence Data Center and Server

This High severity MITM Man-in-the-Middle vulnerability was introduced in versions 9.2.8 of Confluence Data Center and Server. This MITM Man-in-the-Middle vulnerability, with a CVSS Score of 8.2 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N allows an unauthenticated attacker t...

8.2CVSS7.3AI score0.00461EPSS
Exploits0
Atlassian
Atlassian
added 2025/12/11 10:27 p.m.16 views

XXE (XML External Entity Injection) org.apache.jackrabbit:jackrabbit-spi-commons Dependency in Confluence Data Center and Server

This High severity XXE XML External Entity Injection vulnerability was introduced in versions 7.13 of Confluence Data Center and Server. This XXE XML External Entity Injection vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H allows an...

8.8CVSS5.4AI score0.00466EPSS
Exploits0
Rows per page
Query Builder