126 matches found
CVE-2026-2740
Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are vulnerable to Authenticated Remote code execution in the agent machines due to the bug in the 3rd party dependency...
CVE-2026-2740
This CVE affects Zohocorp ManageEngine ADSelfService Plus (before 6525), DataSecurity Plus (before 6264), and RecoveryManager Plus (before 6313). Root cause: a bug in a third‑party dependency leading to Authenticated Remote Code Execution on agent machines. Affected products expose a high impact ...
CVE-2026-2740 Remote Code Execution
Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are vulnerable to Authenticated Remote code execution in the agent machines due to the bug in the 3rd party dependency...
CVE-2026-34654
The CVE concerns Adobe Commerce (Magento) versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier affected by a Dependency on Vulnerable Third-Party Component vulnerability causing a denial-of-service. Exploitation does not require user interaction and can be perform...
axios: Axios: Remote Code Execution via Prototype Pollution escalation
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote...
EUVD-2026-10578
Dependency on vulnerable third-party component in GitHub Repo: zero-shot-scfoundation allows an unauthorized attacker to execute code over a network...
CVE-2021-31892
A vulnerability has been identified in SINUMERIK Analyse MyCondition All versions, SINUMERIK Analyze MyPerformance All versions, SINUMERIK Analyze MyPerformance /OEE-Monitor All versions, SINUMERIK Analyze MyPerformance /OEE-Tuning All versions, SINUMERIK Integrate Client 02 All versions =...
Improper Authorization Third-Party Dependency in Bitbucket Data Center and Server - CVE-2025-22235
This High severity vulnerability known as CVE-2025-22235 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15, 8.19.16, 8.19.17, 8.19.18, 8.19.19, 8.19.20, 8.19.21, 8.19.23, 8.19.24 of Bitbucket Data...
RCE (Remote Code Execution) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2024-38999
note: This is a critical vulnerability in a non-Atlassian Bitbucket dependency. However, Atlassian’s application of the dependency presents a lower assessed risk, which is why we are disclosing this vulnerability in our monthly Security Bulletin instead of a Critical Security Advisory. This...
RCE (Remote Code Execution) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2023-45133
note: This is a critical vulnerability in a non-Atlassian Bitbucket dependency. However, Atlassian’s application of the dependency presents a lower assessed risk, which is why we are disclosing this vulnerability in our monthly Security Bulletin instead of a Critical Security Advisory. This...
Prototype Pollution Third-Party Dependency in Bitbucket Data Center and Server - CVE-2022-46175
This High severity vulnerability known as CVE-2022-46175 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.1 and a CV...
RCE (Remote Code Execution) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2016-1000027
note: This is a critical vulnerability in a non-Atlassian Bitbucket dependency. However, Atlassian’s application of the dependency presents a lower assessed risk, which is why we are disclosing this vulnerability in our monthly Security Bulletin instead of a Critical Security Advisory. This...
Prototype Pollution Third-Party Dependency in Confluence Data Center and Server - CVE-2022-46175
This High severity vulnerability known as CVE-2022-46175 was introduced in 7.19.0, 8.5.0, 8.6.0, 8.8.0, 8.7.1, 8.9.0, 9.1.0, 9.0.1, 9.2.0, 9.3.1 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 7.1 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H...
DoS (Denial of Service) Third-Party Dependency in Confluence Data Center and Server - CVE-2022-38900
This High severity vulnerability known as CVE-2022-38900 was introduced in 7.19.0, 8.5.0, 8.6.0, 8.8.0, 8.7.1, 8.9.0, 9.1.0, 9.0.1, 9.2.0, 9.4.0, 9.5.1 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A...
Broken Authentication Third-Party Dependency in Bitbucket Data Center and Server - CVE-2025-22228
This High severity vulnerability known as CVE-2025-22228 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 9.4.0, 8.19.12, 8.19.13, 9.4.1, 9.4.2, 8.19.14, 9.4.3, 8.19.15, 8.19.16, 9.4.4, 8.19.17, 9.4.5, 8.19.18, 9.4.6 of Bitbucket...
DoS (Denial of Service) Third-Party Dependency in Jira Service Management Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 5.10.0, 5.11.0, 5.12.0, 5.13.0, 5.14.0, 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.0, 11.0.0 and and 11.1.0 of Jira Service Management Data Center and Server. This...
Improper Authorization Third-Party Dependency in Bitbucket Data Center and Server - CVE-2025-41248
This High severity vulnerability known as CVE-2025-41248 was introduced in 10.0.0 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Atlassian recommends that Bitbucket Data Center and Server customers...
Prototype Pollution Third-Party Dependency in Bitbucket Data Center and Server - CVE-2020-8203
This High severity vulnerability known as CVE-2020-8203 was introduced in 4.4.0, 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.4 an...
DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2024-25710
This High severity vulnerability known as CVE-2024-25710 was introduced in 8.3.0, 8.3.1, 8.3.2, 8.3.3, 8.3.4, 8.4.0, 8.4.1, 8.4.2, 8.4.3, 8.4.4, 8.5.0, 8.5.1, 8.5.2, 8.5.3, 8.5.4, 8.6.0, 8.6.1, 8.6.2, 8.6.3, 8.6.4, 8.7.0, 8.7.1, 8.7.2, 8.7.3, 8.7.4, 8.8.0, 8.8.1, 8.8.2, 8.8.3, 8.8.4, 8.8.5, 8.9.0...
DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2021-3807
This vulnerability affects certain versions of Atlassian Bitbucket Data Center and Server. Please describe the impact of the vulnerability here. No known vulnerability could be read off of the parent...