Atlassian Confluence 8.6.x < 8.9.1 Cross-Site Scripting

According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.19.22, 7.20.x prior to 8.5.9 or 8.6.x prior to 8.9.1. It is, therefore, affected by a stored Cross-Site Scripting XSS vulnerability. Note that the scanner has not tested fo...

Atlassian Jira 7.0.6 < 8.5.4 Multiple Vulnerabilities

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.0.6 prior to 8.5.4 or 8.6.x prior to 8.7.1. It is, therefore, affected by multiple vulnerabilities: - A flaw which permits remote attackers to achieve Denial of Service via a...

Atlassian Jira 8.6.x < 8.13.7 Reverse Tabnapping Via Project Shortcuts

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.15, 8.6.x 8.13.7, 8.14.0 8.17.1 or 8.18.0 8.18.1. It is, therefore, affected by a vulnerability in the Project Shortcuts feature which allows remote attackers to redirect...

VMware vRealize Operations 跨站请求伪造漏洞

VMware vRealize Operations is an application from VMware, Inc. A unified, AI-based platform for private, hybrid, and multi-cloud environments that delivers IT operations management on autopilot. A security vulnerability exists in VMware vRealize Operations vROps version 8.6.x series, which can be...

Atlassian Jira 8.6.x < 8.13.6 Arbitrary File Read

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.14, 8.6.x 8.13.6 or 8.14.x 8.16.1. It is, therefore, affected by a path traversal vulnerability in the /WEB-INF/web.xml endpoint allowing remote attackers to read particul...

CVE-2019-5317

A local authentication bypass vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.15 and below; Aruba Instant 8.3.x: 8.3.0.11 and below; Aruba Instant 8.4.x: 8.4.0.5 and below; Aruba...

Immunity Canvas: DRUPAL_SERVICES_RCE

Name| drupalservicesrce ---|--- CVE| CVE-2019-6340 Exploit Pack| CANVAS Description| CVE-2019-6340 Notes| CVE Name: CVE-2019-6340 VENDOR: Drupal NOTES: An unauthenticated unserialization bug can be exploited on the RESTful Web Services module on the Drupal core for the following versions: 7.X...

Cross site scripting

Cross-site scripting XSS vulnerability in the basic dashboard in Thycotic Secret Server 8.6.x, 8.7.x, and 8.8.x before 8.8.000005 allows remote authenticated users to inject arbitrary web script or HTML via a password entry, which is not properly handled when toggling the password mask...

Sendmail 8.6.x, 8.7.x - 8.7.5 Local Starvation and Overflow Vulnerabilities

The remote Sendmail server, according to its version number, has buffer overflow and denial of service problem through GECOS field, it gives root access to local users. SPDX-FileCopyrightText: 2003 Xue Yong Zhi Some text descriptions might be excerpted from a referenced sources, and are Copyright...