Lucene search
K

454 matches found

Atlassian
Atlassian
added 2025/08/18 8:34 a.m.20 views

Third-Party Dependency in Crowd Data Center

Note: Aligning with our security bug fix policy|https://www.atlassian.com/trust/security/bug-fix-policy, this vulnerability has been fixed in our latest release only This Critical severity Third-Party Dependency vulnerability was introduced in version 6.1.1 of Crowd Data Center. This Third-Party...

9.4CVSS4.7AI score0.01735EPSS
Exploits1
Atlassian
Atlassian
added 2025/08/07 10:21 a.m.23 views

DoS (Denial of Service) in Crowd Data Center

This High severity DoS Denial of Service vulnerability was introduced in version 6.3.1 of Crowd Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7, allows an attacker to cause a resource to be unavailable for its intended users by temporarily or indefinitely disruptin...

7.5CVSS6.9AI score0.64718EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2025/06/25 12:0 a.m.5 views

On the Impact of Sybil-Based Attacks on Mobile Crowdsensing for Transportation

Mobile Crowd-Sensing MCS enables users with personal mobile devices PMDs to gain information on their surroundings. Users collect and contribute data on different phenomena using their PMD sensors, and the MCS system processes this data to extract valuable information for end users. Navigation...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/12 12:0 a.m.3 views

GOLIATH: a Decentralized Framework for Data Collection in Intelligent Transportation Systems

Intelligent Transportation Systems ITSs technology has advanced during the past years, and it is now used for several applications that require vehicles to exchange real-time data, such as in traffic information management. Traditionally, road traffic information has been collected using on-site...

7AI score
Exploits0
Atlassian
Atlassian
added 2025/06/05 6:9 a.m.16 views

RCE (Remote Code Execution) com.typesafe.akka:akka-actor_2.11 Dependency in Crowd Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H allows an unauthenticat...

9.3CVSS8.3AI score0.05666EPSS
Exploits0
Atlassian
Atlassian
added 2025/06/05 6:8 a.m.17 views

DoS (Denial of Service) Third-Party Dependency in Crowd Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 6.1.0 and 6.2.0 of Crowd Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated...

7.5CVSS7.8AI score0.01119EPSS
Exploits1
Atlassian
Atlassian
added 2025/05/31 6:8 a.m.19 views

DoS (Denial of Service) Third-Party Dependency in Crowd Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 6.0.0, 6.1.0, 6.2.0, and 6.3.0 of Crowd Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

7.5CVSS8.7AI score0.66933EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2025/05/23 5:53 a.m.4 views

CVE-2023-22521

This High severity RCE Remote Code Execution vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.0, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality,...

8.8CVSS7.7AI score0.01213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:57 a.m.9 views

CVE-2022-43782

Affected versions of Atlassian Crowd allow an attacker to authenticate as the crowd application via security misconfiguration and subsequent ability to call privileged endpoints in Crowd's REST API under the usermanagement path. This vulnerability can only be exploited by IPs specified under the...

9.8CVSS7.1AI score0.00888EPSS
Exploits0References1
Atlassian
Atlassian
added 2025/05/23 12:8 a.m.18 views

Path Traversal Third-Party Dependency in Crowd Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 5.1.0, 5.2.0, and 5.3.0 of Crowd Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticat...

7.5CVSS7.5AI score0.14718EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 11:30 a.m.9 views

CVE-2013-3925

Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to read arbitrary files and send HTTP requests to intranet servers via a request to 1 /services/2 or 2 services/latest with a DTD containing an XML external entity declaration in conjunction with an...

5.8CVSS7AI score0.01758EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:7 a.m.9 views

CVE-2019-1003097

Jenkins Crowd Integration Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

6.5CVSS6.7AI score0.01622EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/11 5:2 p.m.16 views

CVE-2025-31390

Cross-Site Request Forgery CSRF vulnerability in bdoga Social Crowd social-crowd allows Stored XSS.This issue affects Social Crowd: from n/a through = 0.9.6.1...

7.1CVSS7.2AI score0.00191EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/09 5:34 p.m.6 views

WordPress Social Crowd plugin <= 0.9.6.1 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by johska in WordPress Plugin Social Crowd versions = 0.9.6.1...

7.1CVSS7.5AI score0.00191EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/04/09 5:15 p.m.5 views

CVE-2025-31390

Cross-Site Request Forgery CSRF vulnerability in bdoga Social Crowd social-crowd allows Stored XSS.This issue affects Social Crowd: from n/a through = 0.9.6.1...

7.1CVSS0.00191EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/09 4:10 p.m.5 views

CVE-2025-31390 WordPress Social Crowd plugin <= 0.9.6.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in bdoga Social Crowd social-crowd allows Stored XSS.This issue affects Social Crowd: from n/a through = 0.9.6.1...

7.1CVSS7.2AI score0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/09 4:10 p.m.15 views

CVE-2025-31390 WordPress Social Crowd plugin <= 0.9.6.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in bdoga Social Crowd social-crowd allows Stored XSS.This issue affects Social Crowd: from n/a through = 0.9.6.1...

7.1CVSS0.00191EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/09 12:0 a.m.3 views

WordPress plugin Social Crowd 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

7.1CVSS7.1AI score0.00191EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/09 12:0 a.m.4 views

PT-2025-15744 · Unknown · Bdoga Social Crowd

Name of the Vulnerable Software and Affected Versions: bdoga Social Crowd versions 0.9.6.1 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. Recommendations: For versions 0.9.6.1 and earlier, update to a version that contains a fix for...

7.1CVSS7.4AI score0.00191EPSS
Exploits0References4
Atlassian
Atlassian
added 2025/02/13 4:13 p.m.23 views

BASM (Broken Authentication & Session Management) org.apache.tomcat:tomcat-catalina Dependency in Crowd Data Center and Server

This Critical severity org.apache.tomcat:tomcat-catalina Dependency vulnerability was introduced in versions 5.2.0, 5.3.0, 6.0.1, 6.1.0, and 6.2.0 of Crowd Data Center and Server. This org.apache.tomcat:tomcat-catalina Dependency vulnerability, with a CVSS Score of 9.8 and a CVSS Vector of...

9.8CVSS9.1AI score0.06287EPSS
Exploits1
Rows per page
Query Builder