Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Atlassian
Atlassianadded 2021/08/02 12:53 a.m.36 views

Remote code execution in workflow import - CVE-2017-18113

The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution RCE vulnerability which allowed for various...

8.8CVSS9.1AI score0.02571EPSS
Exploits0
Atlassian
Atlassianadded 2021/08/02 12:53 a.m.113 views

Remote code execution in workflow import - CVE-2017-18113

The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick a system administrator to import their malicious workflow to execute arbitrary code via a Remote Code Execution RCE vulnerability which allowed for various...

8.8CVSS5.9AI score0.02571EPSS
Exploits0Affected Software1
Atlassian
Atlassianadded 2020/09/10 4:31 a.m.151 views

Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179

h3. Summary Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. h3. Affected versions: version 8.5.8 8.6....

5.3CVSS5.4AI score0.92578EPSS
Exploits1
Atlassian
Atlassianadded 2020/06/12 8:5 p.m.31 views

Information disclosure in Login - CVE-2020-4028

Users without session information should be pushed to the login page. Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view sensitive information via an Information Disclosure vulnerability in Login. Affected versions: version...

5.3CVSS3.2AI score0.00354EPSS
Exploits0
Atlassian
Atlassianadded 2020/06/12 8:5 p.m.76 views

Information disclosure in Login - CVE-2020-4028

Users without session information should be pushed to the login page. Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view sensitive information via an Information Disclosure vulnerability in Login. Affected versions: version...

5.3CVSS3.2AI score0.00354EPSS
Exploits0Affected Software1
Atlassian
Atlassianadded 2017/06/28 9:33 a.m.31 views

Add possibility to disable public access to JIRA

As an Administrator I would like to be able to disable public access to JIRA, so the users will have to login before they can browse projects, search issues or navigate to system dashboard. Workaround: In JIRA 7.2.10 the possibility to disable public access for anonymous users was added, however ...

2.5AI score
Exploits0Affected Software1
Rows per page
Query Builder