[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252271

 
 

909

 
 

196835

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15178 Download | Alert*

The host is installed with Atlassian Jira Server before 8.13.12, or 8.14.0 before 8.19.1 and is prone to a server-side template injection vulnerability. A flaw is present in the application which fails to properly handle an issue in the Email Template feature used in the Jira Service Management addon. Successful exploitation could allow remote attackers with JIRA Administrators access to execute a ...

The host is installed with Atlassian Jira Server before 8.13.14, or 8.14.0 before 8.19.0 and is prone to a denial of service vulnerability. A flaw is present in the application which fails to properly handle an issue in the GIF Image Reader component. Successful exploitation could allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability.

The host is installed with Atlassian Jira Server before 8.5.14, 8.6.0 before 8.13.6, or 8.14.0 before 8.16.1 and is prone to a path traversal vulnerability. A flaw is present in the application which fails to properly handle an issue in the /WEB-INF/web.xml endpoint. Successful exploitation could allow remote attackers to read particular files via a path traversal vulnerability.

The utilities function in all versions <= 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects.

Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.

The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.

The host is installed with Atlassian Jira Server version 7.4.0 before version 8.4.0 and is prone to a cross site request forgery. A flaw is present in the application which fails to properly handle the Webwork action. Successful exploitation could allow attackers to to bypass its protection via "cookie tossing" a CSRF cookie from a subdomain of a Jira instance.

Use of Cache Containing Sensitive Information in Atlassian Jira Server version 7.13.0 before version 8.4.0. A flaw is present in the application which fails to properly handle the AccessLogFilter class. Successful exploitation could allow attackers to learn details about other users, including their username.

The host is installed with Atlassian Jira Server version 7.12.0 before version 7.13.7, from version 8.0.0 before version 8.3.3 and is prone to a cross site scripting vulnerability. A flaw is present in the application which fails to properly handle the FilterPickerPopup.jspa resource. Successful exploitation could allow attackers to inject arbitrary HTML or JavaScript.

The host is installed with Atlassian Jira Server version 7.6.0 before version 8.4.0 and is prone to an incorrect authorization check vulnerability. A flaw is present in the application which fails to properly handle the /rest/api/1.0/render resource. Successful exploitation could allow attackers to determine if an attachment with a specific name exists and if an issue key is valid.


Pages:      Start    1008    1009    1010    1011    1012    1013    1014    1015    1016    1017    1018    1019    1020    1021    ..   1517

© SecPod Technologies