7 matches found
CVE-2025-54458
Mattermost Confluence Plugin vulnerability CVE-2025-54458: versions = 1.5.0 or apply vendor-provided fix as available.
Atlassian Confluence SSTI Injection Exploit
This Metasploit module exploits an SSTI injection in Atlassian Confluence servers. A specially crafted HTTP request uses the injection to evaluate an OGNL expression resulting in OS command execution. Versions 8.5.0 through 8.5.3 and 8.0 to 8.4 are known to be vulnerable. This module requires...
Confluence < 7.12.3 File Disclosure
File disclosure vulnerability in Confluence. Vulnerability Type: File Disclosure. For the exploit source code contact DSquare Security sales team...
Atlassian Confluence 7.5.x < 7.8.3 Arbitrary File Read
According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 6.13.18, 6.14.x < 7.4.6 or 7.5.x < 7.8.3. It is, therefore, affected by an incorrect path access check vulnerability allowing unauthenticated remote attackers to read arbitrary...
The team calendar event notification should not contain Confluence version number
h3. Issue Summary The team calendar notification template shows the Confluence version number in the footer, which might be a security vulnerability for some customers. h3. Steps to Reproduce Create an event on the Confluence team calendar and wait for the reminder email to be sent. h3. Expected...
CVE-2018-13393
The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request forgery (CSRF) vulnerability...
The acceptAnswer resource of Confluence Questions was vulnerable to CSRF - CVE-2018-13394
The acceptAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to make a user accept an answer via a Cross-site request forgery (CSRF) vulnerability...