Lucene search
K

3899 matches found

EUVD
EUVD
added yesterday8 views

EUVD-2026-37806

Steeltoe.Discovery.Eureka: Unrecognized DataCenterInfo.Name poisons entire registry fetch...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References4
OSV
OSV
added 4 days ago5 views

PYSEC-2026-326 dcap-qvl has Missing Verification for QE Identity

Impact This vulnerability involves a critical gap in the cryptographic verification process within the dcap-qvl. The library fetches QE Identity collateral including qeidentity, qeidentitysignature, and qeidentityissuerchain from the PCCS. However, it skips to verify the QE Identity signature...

9.3CVSS5.9AI score0.00208EPSS
Exploits0References5
Nuclei
Nuclei
added 2026/06/25 1:31 a.m.43 views

Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution

Atlassian Crowd and Crowd Data Center is susceptible to a remote code execution vulnerability because the pdkinstall development plugin is incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit...

9.8CVSS8.2AI score0.95355EPSS
Exploits6References5
NVD
NVD
added 2026/06/17 10:16 p.m.11 views

CVE-2026-50196

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Discovery.Eureka prior to versions 4.2.0 and 3.4.0, DataCenterInfo.FromJson throws ArgumentException for any name value other than "MyOwn" or "Amazon", despite...

7.5CVSS0.00339EPSS
Exploits0References3
CVE
CVE
added 2026/06/17 9:18 p.m.19 views

CVE-2026-50196

CVE-2026-50196 – Steeltoe.Discovery.Eureka : In Steeltoe.Discovery.Eureka before versions 4.2.0 and 3.4.0, DataCenterInfo.FromJson throws an ArgumentException for any DataCenterInfo.name other than MyOwn, Amazon, or Netflix, causing the registry deserialization to fail and the cache refresh to sw...

7.5CVSS5.4AI score0.00339EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/17 9:18 p.m.18 views

CVE-2026-50196 Steeltoe.Discovery.Eureka: Unrecognized DataCenterInfo.Name poisons entire registry fetch

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Discovery.Eureka prior to versions 4.2.0 and 3.4.0, DataCenterInfo.FromJson throws ArgumentException for any name value other than "MyOwn" or "Amazon", despite...

7.5CVSS0.00339EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.16 views

PT-2026-50555

Name of the Vulnerable Software and Affected Versions Steeltoe.Discovery.Eureka versions prior to 3.4.0 Steeltoe.Discovery.Eureka versions prior to 4.2.0 Description The DataCenterInfo.FromJson function throws an ArgumentException when it encounters any name value other than "MyOwn" or "Amazon"...

7.5CVSS5.9AI score0.00339EPSS
Exploits0References10
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.216 views

Confluence Server - Remote Code Execution

Confluence Server and Data Center contain an OGNL injection vulnerability that could allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version...

9.8CVSS8.5AI score0.99999EPSS
Exploits45References5
Atlassian
Atlassian
added 2026/06/12 9:16 p.m.8 views

Prototype Pollution axios Dependency in Jira Service Management Data Center and Server

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Prototype Pollution vulnerability was introduced in versions 10.3.0 and 11.3.0 of Jira Service Management Data Center and Server...

9CVSS5.7AI score0.01815EPSS
Exploits5
Atlassian
Atlassian
added 2026/06/12 6:50 p.m.7 views

Prototype Pollution axios Dependency in Jira Software Data Center and Server

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Prototype Pollution vulnerability was introduced in versions 10.3.0 and 11.3.0 of Jira Software Data Center and Server. This...

9CVSS5.7AI score0.01815EPSS
Exploits5
Atlassian
Atlassian
added 2026/06/12 5:45 p.m.6 views

DoS (Denial of Service) org.postgresql:postgresql Dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 10.2.5, 10.2.6, 10.2.7, 10.2.8, 10.2.9, 10.2.10, 10.2.11, 10.2.12, 10.2.13, 10.2.14, 10.2.15, 10.2.16, 10.2.18, and 10.2.19 of Bamboo Data Center. This DoS Denial of Service...

5.2AI score
Exploits0
Atlassian
Atlassian
added 2026/06/12 1:31 p.m.9 views

Cryptographic Failure org.apache.tomcat:tomcat-catalina Dependency in Jira Software Data Center

This High severity Cryptographic Failure vulnerability was introduced in version 11.3.4 of Jira Software Data Center. This Cryptographic Failure vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated attacker to to get...

7.5CVSS5.7AI score0.03494EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/12 1:31 p.m.7 views

Information Disclosure org.apache.tomcat:tomcat-catalina Dependency in Jira Software Data Center

This High severity Information Disclosure vulnerability was introduced in versions 9.12.1, 9.15.2, 9.16.0, 9.17.0, 10.0.1, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center. This Information Disclosure vulnerability, with a CVS...

7.5CVSS5.2AI score0.00447EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/12 11:29 a.m.6 views

DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Crowd Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 6.2.0, 6.3.0, 7.0.0, 7.1.0, and 7.2.0 of Crowd Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

7.5CVSS5.5AI score0.00748EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/11 5:31 p.m.6 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Crowd Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity HTTP Request Smuggling vulnerability was introduced in versions 6.2.0, 6.3.0, 7.0.0, 7.1.0, 7.2.0 of Crowd Data Center. This HTTP...

9.8CVSS5.4AI score0.00515EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/11 5:31 p.m.8 views

DoS (Denial of Service) org.postgresql:postgresql Dependency in Crowd Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 6.0.0, 6.1.0, 6.2.0, 6.3.6, 7.0.0, 7.1.0, and 7.2.0 of Crowd Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows a...

7.5CVSS5.2AI score0.0077EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/11 5:31 p.m.7 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Crowd Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity HTTP Request Smuggling vulnerability was introduced in versions 6.2.0, 6.3.0, 7.0.0, 7.1.0, 7.2.0 of Crowd Data Center. This HTTP...

9.1CVSS5.4AI score0.00633EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/11 5:30 p.m.11 views

SSRF (Server-Side Request Forgery) axios Dependency in Bamboo Data Center

This High severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This SSRF Server-Side Request Forgery vulnerability, with a CVSS Score of 8.6 and a CVSS Vector of...

8.6CVSS5.3AI score0.00921EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/11 5:30 p.m.8 views

RCE (Remote Code Execution) axios Dependency in Jira Service Management Data Center

This High severity RCE Remote Code Execution vulnerability was introduced in versions 5.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This RCE Remote Code Execution vulnerability, with a CVSS Score ...

7CVSS6AI score0.00495EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/11 5:30 p.m.8 views

RCE (Remote Code Execution) axios Dependency in Jira Software Data Center

This High severity RCE Remote Code Execution vulnerability was introduced in versions 9.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center. This RCE Remote Code Execution vulnerability, with a CVSS Score of 7 and a...

7CVSS6AI score0.00495EPSS
Exploits0
Rows per page
Query Builder