[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256288

 
 

909

 
 

199146

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 11057 Download | Alert*

The host is installed with Atlassian Jira Server before 8.5.14, 8.6.0 before 8.13.6, or 8.14.0 before 8.16.1 and is prone to a path traversal vulnerability. A flaw is present in the application which fails to properly handle an issue in the /WEB-INF/web.xml endpoint. Successful exploitation could allow remote attackers to read particular files via a path traversal vulnerability.

Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0777.

The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.

The host is installed with Atlassian Jira Server version 7.4.0 before version 8.4.0 and is prone to a cross site request forgery. A flaw is present in the application which fails to properly handle the Webwork action. Successful exploitation could allow attackers to to bypass its protection via "cookie tossing" a CSRF cookie from a subdomain of a Jira instance.

Use of Cache Containing Sensitive Information in Atlassian Jira Server version 7.13.0 before version 8.4.0. A flaw is present in the application which fails to properly handle the AccessLogFilter class. Successful exploitation could allow attackers to learn details about other users, including their username.

The host is installed with Atlassian Jira Server version 7.12.0 before version 7.13.7, from version 8.0.0 before version 8.3.3 and is prone to a cross site scripting vulnerability. A flaw is present in the application which fails to properly handle the FilterPickerPopup.jspa resource. Successful exploitation could allow attackers to inject arbitrary HTML or JavaScript.

The host is installed with Atlassian Jira Server version 7.6.0 before version 8.4.0 and is prone to an incorrect authorization check vulnerability. A flaw is present in the application which fails to properly handle the /rest/api/1.0/render resource. Successful exploitation could allow attackers to determine if an attachment with a specific name exists and if an issue key is valid.

The host is installed with Atlassian Jira Server version 7.13.0 before version 8.3.2 and is prone to a cross site request forgery vulnerability. A flaw is present in the application which fails to properly handle the ServiceExecutor resource. Successful exploitation could allow attackers to trigger the creation of export files.

The host is installed with Atlassian Jira Server version 7.6.0 before version 8.3.2 and is prone to an incorrect authorization check vulnerability. A flaw is present in the application which fails to properly handle the /rest/issueNav/1/issueTable resource. Successful exploitation could allow attackers to enumerate usernames.

The host is installed with Atlassian Jira Server version 7.13.0 before version 7.13.7, from version 8.0.0 before version 8.3.2 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle the worklog rest resources. Successful exploitation could allow attackers to view worklog time information.


Pages:      Start    668    669    670    671    672    673    674    675    676    677    678    679    680    681    ..   1105

© SecPod Technologies