Lucene search
K

3914 matches found

Atlassian
Atlassian
added 2026/06/11 5:30 p.m.10 views

DoS (Denial of Service) axios Dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows a...

7.5CVSS5.2AI score0.00622EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/11 5:30 p.m.10 views

Information Disclosure axios Dependency in Bamboo Data Center

This High severity Information Disclosure vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This Information Disclosure vulnerability, with a CVSS Score of 8.2 and a CVSS Vector of...

8.2CVSS5.3AI score0.00664EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/11 5:30 p.m.11 views

DoS (Denial of Service) axios Dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.2.9, 11.0.7, 12.0.0, and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticate...

7.5CVSS5.2AI score0.0063EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/11 5:29 p.m.11 views

Information Disclosure axios Dependency in Bamboo Data Center

This High severity Information Disclosure vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows...

7.5CVSS5.3AI score0.00532EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/11 12:0 p.m.7 views

DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 a...

8.7CVSS5.4AI score0.01125EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/11 11:54 a.m.10 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian Jira dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This High severity HTTP Request Smuggling vulnerability was introduced in versions 10.3.0 and 11.3.0 of Jira Service Management Data Center. This HT...

7.5CVSS5.2AI score0.0064EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/06/10 2:59 p.m.13 views

CVE-2026-8045

CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an attacker with a Data Center Expert user account submits crafted XML payloads to SOAP service endpoints...

7.1CVSS5.4AI score0.00233EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.12 views

EUVD-2026-35446

CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an attacker with a Data Center Expert user account submits crafted XML payloads to SOAP service endpoints...

7.1CVSS5.4AI score0.00233EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 4:16 p.m.12 views

CVE-2026-8045

CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an attacker with a Data Center Expert user account submits crafted XML payloads to SOAP service endpoints...

7.1CVSS0.00233EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 2:41 p.m.30 views

CVE-2026-8045

CVE-2026-8045 describes a CWE-611 XML External Entity (XXE) vulnerability in a SOAP service endpoint that can disclose server-side file contents when a crafted XML payload is submitted by a Data Center Expert user. The affected behavior involves parsing user-supplied XML leading to information di...

7.1CVSS5.5AI score0.00233EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/09 2:41 p.m.35 views

CVE-2026-8045

CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an attacker with a Data Center Expert user account submits crafted XML payloads to SOAP service endpoints...

7.1CVSS0.00233EPSS
Exploits0References1
Atlassian
Atlassian
added 2026/06/09 10:31 a.m.10 views

MITM (Man-in-the-Middle) org.apache.tomcat.embed:tomcat-embed-core Dependency in Bitbucket Data Center

This High severity MITM Man-in-the-Middle vulnerability was introduced in versions 9.0.1, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 10.0.0, 10.1.1, 10.2.0, and 10.3.0 of Bitbucket Data Center. This MITM Man-in-the-Middle vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS7.5AI score0.00498EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/09 10:30 a.m.13 views

Injection axios Dependency in Bitbucket Data Center

This High severity Injection vulnerability was introduced in versions 9.4.12, 10.2.0, and 10.3.0 of Bitbucket Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N allows an unauthenticated attacker to modify the...

7.4CVSS8AI score0.00394EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/09 10:30 a.m.11 views

Injection axios Dependency in Bitbucket Data Center

This High severity Injection vulnerability was introduced in versions 9.4.12, 10.2.0, and 10.3.0 of Bitbucket Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N allows an unauthenticated attacker to modify the...

7.4CVSS7.6AI score0.00808EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/09 10:30 a.m.12 views

DoS (Denial of Service) org.apache.tomcat.embed:tomcat-embed-core Dependency in Bitbucket Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.0.1, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 10.0.0, 10.1.1, 10.2.0, and 10.3.0 of Bitbucket Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS6.9AI score0.0078EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/09 10:29 a.m.12 views

DoS (Denial of Service) @isaacs/brace-expansion Dependency in Bitbucket Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.0.0, 10.1.1, 10.2.0, and 10.3.0 of Bitbucket Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

7.5CVSS7AI score0.00278EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.11 views

CVE-2026-20751

Out-of-bounds read for the IntelR Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

8.3CVSS5.3AI score0.0012EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.26 views

Atlassian Jira Service Management Data Center and Server 5.15.2 < 10.3.20 / 10.4.x < 11.3.5 (JSDSERVER-16574)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16574 advisory. - The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior...

7.5CVSS6.3AI score0.0043EPSS
Exploits0References2
Atlassian
Atlassian
added 2026/06/03 4:30 p.m.7 views

Injection axios Dependency in Jira Software Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Injection vulnerability was introduced in versions 9.17.2, 10.3.12, 11.2.1, and 11.3.0 of Jira Software Data Center. This Injectio...

9.1CVSS5.3AI score0.00715EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/03 4:30 p.m.6 views

SSRF (Server-Side Request Forgery) axios Dependency in Jira Software Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 9.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0,...

9.9CVSS5.3AI score0.01161EPSS
Exploits1
Rows per page
Query Builder