31 matches found
EUVD-2025-15883
Malicious code in bioql PyPI...
EUVD-2024-19301
Malicious code in bioql PyPI...
CVE-2025-22157
This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions: 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core Data Center and Server; 5.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Service Management Data Center and Server. This PrivEsc (Privilege Escalation) vulnerability, wi...
CVE-2025-22157
CVE-2025-22157 is a Privilege Escalation affecting Atlassian Jira Core Data Center and Server (versions 9.12.0, 10.3.0, 10.4.0, 10.5.0) and Jira Service Management Data Center and Server (versions 5.12.0, 10.3.0, 10.4.0, 10.5.0). The flaw allows an attacker to act as a higher-privileged user (CVS...
Atlassian Jira Core Data and Atlassian Jira Service Management Data security vulnerability
Atlassian Jira Core Data and Atlassian Jira Service Management Data are both products of Atlassian Australia. Atlassian Jira Core Data is an enterprise-level project management tool. Atlassian Jira Service Management Data is an IT Service Management (ITSM) tool. A security vulnerabilit...
PrivEsc (Privilege Escalation) in Jira Core Data Center
Summary: This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core Data Center. This PrivEsc (Privilege Escalation) vulnerability, with a CVSS Score of 7.2, allows an attacker to perform actions as a higher-privileged...
PT-2025-22265 · Atlassian · Jira Service Management Server +1
Name of the Vulnerable Software and Affected Versions: Jira Core Data Center and Server versions 9.12.0 through 10.5.0; Jira Service Management Data Center and Server versions 5.12.0 through 10.5.0. Description: This is a High severity Privilege Escalation vulnerability that allows an attacker to...
XXE (XML External Entity Injection) in Jira Core Data Center and Server and Jira Software Server
This High severity XXE (XML External Entity Injection) vulnerability was introduced in version 9.12.0 of Jira Core Data Center and Server and Jira Software Server. This XXE (XML External Entity Injection) vulnerability, with a CVSS Score of 7.7, allows an attacker to access local and remote content...
CVE-2024-21685
This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to view sensitive information via an Information Disclosur...
XSS (Cross Site Scripting) DOMPurify Dependency in Jira Core Data Center and Server
Please see our updated fixed version guidance for this CVE, as the fix issued in our November 2024 Security Bulletin was incomplete. This vulnerability has now been mitigated in Jira Software and the correct fixed versions have been added to this ticket. We apologize for any inconvenience our...
Atlassian Jira Service Management Data Center and Server < 5.4.21 / 5.12.x < 5.12.8 / 5.15.x < 5.16.0 (JSDSERVER-15309)
The version of Atlassian Jira Service Management Data Center and Server (Jira Service Desk) running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-15309 advisory. - This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, an...
CVE-2024-21685
CVE-2024-21685 affects Atlassian Jira Core Data Center. Introduced in versions 9.4.0, 9.12.0, and 9.15.0, it is a high-severity information disclosure (CVSS v3.1 base 6.5/7.4 depending on vector). An unauthenticated attacker can view sensitive data with user interaction required. Remediation from...