EUVD-2017-9224

Malware in sbrugna...

EUVD-2023-55662

Malicious code in bioql PyPI...

CVE-2023-36662

The TechTime User Management components for Atlassian products allow stored XSS on the Bulk User Actions page. This affects User Management for Jira 2.0.0 through 2.17.1, User Management for Confluence 2.0.0 through 2.15.24, and User Management for Bitbucket 2.2.2 through 2.15.24...

org.springframework:spring-webmvc Dependency in Bitbucket Data Center and Server

This High severity org.springframework:spring-webmvc Dependency vulnerability was introduced in versions 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, 8.14.0, 8.15.0, 8.16.0, 8.17.0, and 8.18.0 of Bitbucket Data Center and Server. This org.springframework:spring-webmvc Dependency...

A week in security (October 3 – 9)

Last week on Malwarebytes Labs: Romance scammer deepfakes Mark Ruffalo to con elderly artist Actively exploited vulnerability in Bitbucket Server and Data Center Ransomware-affected school district refuses to pay, gets stolen data released Ransomware review: September 2022 Huge increase in smishi...

Vulnerability fixed in Atlassian Bitbucket

By placing a specially crafted DLL file in the Bitbucket installation directory, an unauthorized user can execute arbitrary code with SYSTEM privileges on a Windows system on which the vulnerable Bitbucket software is installed. Atlassian has released updates to fix the vulnerability. fix. For mo...