Neuroinformatics Unit, Integrative Computational Brain Science Collaboration Division, RIKEN Center For Brain Science Security Vulnerabilities
A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. This flaw can lead to file content exposure and other...
9.8CVSS
9.3AI Score
0.001EPSS
6.8AI Score
0.006EPSS
Exploit for Path Traversal in Zimbra Collaboration
CVE-2022-27925 (Zimbra RCE 2022) This repo is part of the...
7.7AI Score
0.948EPSS
Exploit for Path Traversal in Zimbra Collaboration
(CVE-2022-41352) Zimbra Unauthenticated RCE CVE-2022-41352...
9.3AI Score
0.955EPSS
A vulnerability classified as problematic was found in SourceCodester Storage Unit Rental Management System 1.0. This vulnerability affects unknown code of the file classes/Users.php?f=save. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been...
7.2CVSS
7.1AI Score
0.001EPSS
Summary IBM WebSphere® Application Server and and IBM WebSphere Application Server Liberty are shipped with IBM® Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere® Application Server and IBM WebSphere Application Server Liberty has been published in.....
6.6AI Score
0.0004EPSS
Summary IBM WebSphere® Application Server and IBM WebSphere Application Server Liberty is shipped with IBM® Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere® Application Server and IBM WebSphere Application Server Liberty has been published in a...
6.5AI Score
0.0004EPSS
Summary IBM WebSphere® Application Server and and IBM WebSphere Application Server Liberty are shipped with IBM® Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere® Application Server has been published in a security bulletin. Vulnerability Details...
7AI Score
0.0004EPSS
Summary IBM WebSphere® Application Server and and IBM WebSphere Application Server Liberty are shipped with IBM® Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere® Application Server and IBM WebSphere Application Server Liberty has been published in.....
6.9AI Score
0.0004EPSS
IMPatienT before 1.5.2 allows stored XSS via onmouseover in certain text fields within a PATCH /modify_onto request to the ontology builder. This may allow attackers to steal Protected Health...
5.5AI Score
0.001EPSS
Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password (from the "zmprove ca" command). It is visible in cleartext on port UDP 514 (aka the syslog port). NOTE: a third party reports that this cannot be...
9.8CVSS
9.5AI Score
0.003EPSS
Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting
Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 is vulnerable to cross-site scripting via the AJAX and html web...
6AI Score
0.006EPSS
7.4AI Score
0.975EPSS
Exploit for Injection in Atlassian Confluence Data Center
Atlassian Confluence CVE-2023-22527 Scanner 🛡️ Overview 🌟...
9.8AI Score
0.975EPSS
Exploit for Vulnerability in Atlassian Confluence Data Center
红队工具-Confluence未授权添加管理员用户(CVE-2023-22515)漏洞利用工具 漏洞影响范围...
9.9AI Score
0.972EPSS
Exploit for Injection in Atlassian Confluence Data Center
CVE-2023-22527-Godzilla-MEMSHELL Usage **ps:...
9.9AI Score
0.975EPSS
9.8AI Score
0.972EPSS
Exploit for Vulnerability in Atlassian Confluence Data Center
CVE-2023-22515 Exploit Script 🔐 This script is designed to...
9.8AI Score
0.972EPSS
This High severity org.springframework:spring-web Dependency vulnerability was introduced in versions 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, 8.14.0-eap01, 8.15.0, 8.16.0, 8.17.0, 8.18.0, and 8.19.0 of Bitbucket Data Center and Server......
7.8AI Score
0.0004EPSS
{panel:bgColor=#e7f4fa} NOTE: This bug report is for JIRA Server. Using JIRA Cloud? [See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-34389]. {panel} Regression of JRA-4935 When i add the "Reporter" to the "Browse Project" Permission of one project. This project instantly....
1.7AI Score
This High severity org.springframework.security:spring-security-core Dependency vulnerability was introduced in versions 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, 8.14.0-eap01, 8.15.0, 8.16.0, 8.17.0, 8.18.0, and 8.19.0 of Bitbucket Data.....
8AI Score
0.0004EPSS
SQLi (SQL Injection) org.postgresql:postgresql Dependency in Jira Software Data Center and Server
This Critical severity org.postgresql:postgresql Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, 9.11.0, 9.12.0, 9.13.0, and 9.14.0 of Jira Software Data Center and Server. Jira Software Data Center is unaffected by.....
9.7AI Score
0.001EPSS
Grant "Browse Project" permission to "User Custom Field Value" makes project visible to all users
{panel:bgColor=#e7f4fa} NOTE: This bug report is for JIRA Server. Using JIRA Cloud? [See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-37117]. {panel} If in your permission schema, you grant Browse Project permission to "User Custom Field Value", the project is visible...
6.6AI Score
A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This API is not used for device....
7AI Score
0.001EPSS
SQLi (SQL Injection) org.postgresql:postgresql Dependency in Confluence Data Center and Server
This Critical severity org.postgresql:postgresql Dependency vulnerability was introduced in versions 6.0.1 of Confluence Data Center and Server. Confluence Data Center is unaffected by this vulnerability as it does not use the {{PreferQueryMode=SIMPLE}} parameter required for this vulnerability in....
9.7AI Score
0.001EPSS
Exploit for Injection in Atlassian Confluence Data Center
CVE-2023-22527 CVE-2023-22527 - Server-side Template...
10AI Score
0.975EPSS
6.8CVSS
7.2AI Score
0.001EPSS
This High severity org.eclipse.jgit:org.eclipse.jgit Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.1, 9.3.0, 9.4.0, and 9.5.0 of Bamboo Data Center and Server. The latest LTS Bamboo 9.6.0 is not impacted by this Vulnerability. This org.eclipse.jgit:org.eclipse.jgit...
7.3AI Score
0.001EPSS
Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179
h3. Summary Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. h3. Affected versions: * version < 8.5.8...
5.4AI Score
0.965EPSS
Ability to have the Websudo functionality working with SAML / SSO
h3. Problem Definition When implementing SAML either through JDC or through a vendor plugin, the net result is you have to turn off websudo because you can't get websudo and SAML to work. The effect is you can go straight into administration functions without confirmation that you should. This...
0.3AI Score
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
6.5AI Score
0.008EPSS
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
6.5AI Score
0.008EPSS
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of...
7AI Score
0.009EPSS
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
7AI Score
0.008EPSS
DoS (Denial of Service) org.eclipse.jetty:jetty-io Dependency in Crowd Data Center and Server
This High severity org.eclipse.jetty:jetty-io Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.eclipse.jetty:jetty-io Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
7.1AI Score
0.802EPSS
Information Disclosure org.eclipse.jetty:jetty-util Dependency in Crowd Data Center and Server
This High severity org.eclipse.jetty:jetty-util Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.eclipse.jetty:jetty-util Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
7.2AI Score
0.003EPSS
DoS (Denial of Service) org.apache.struts:struts2-core Dependency in Crowd Data Center and Server
This High severity org.apache.struts:struts2-core Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.apache.struts:struts2-core Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
7.2AI Score
0.008EPSS
Exploit for Injection in Atlassian Confluence Data Center
REF2924 NAPLISTENER is a backdoor scanner for the Wmdtc.exe...
9.8AI Score
0.975EPSS
Exploit for Injection in Atlassian Confluence Data Center
REF2924 NAPLISTENER is a backdoor scanner for the Wmdtc.exe...
9.8AI Score
0.975EPSS
DoS (Denial of Service) org.apache.struts:struts2-core Dependency in Crowd Data Center and Server
This High severity org.apache.struts:struts2-core Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.apache.struts:struts2-core Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
7.1AI Score
0.003EPSS
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of...
7AI Score
0.003EPSS
Upgrade Apache Commons-text for CVE-2022-42889
h3. BUG RE-OPENED Jira Service Management 5.4.3 ( which was supposed to be fixed at 9.4.3 / 5.4.3 ) is still generating files with common text library of 1.6 version in the /plugins/.osgi-plugins folder. Even after deleting these files, they keep generating them back again in the next restart. Due....
9.1AI Score
0.971EPSS
This High severity org.springframework.security:spring-security-core Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, 9.11.0, 9.12.0, 9.13.0, 9.14.0, and 9.15.0 of Jira Software Data Center and Server. This...
6.7AI Score
0.0004EPSS
Cisco Firepower Management Center Software SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface does not adequately...
8.5AI Score
0.0004EPSS
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
7AI Score
0.008EPSS
8.8AI Score
0.975EPSS
brain-maps.org Cross Site Scripting vulnerability OBB-3861705
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
6.5AI Score
0.011EPSS
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of...
7AI Score
0.008EPSS
Security Misconfiguration org.eclipse.jetty:jetty-server Dependency in Crowd Data Center and Server
This High severity org.eclipse.jetty:jetty-server Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This org.eclipse.jetty:jetty-server Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
7.2AI Score
0.012EPSS