Show filters
501 Total Results
Displaying 121-130 of 501
Sort by:
Attacker Value
Unknown
CVE-2020-18683
Disclosure Date: September 30, 2021 (last updated February 23, 2025)
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of undefined fields mishandling.
0
Attacker Value
Unknown
CVE-2020-18685
Disclosure Date: September 30, 2021 (last updated February 23, 2025)
Floodlight through 1.2 has poor input validation in checkFlow in StaticFlowEntryPusherResource.java because of unchecked prerequisites related to TCP or UDP ports, or group or table IDs.
0
Attacker Value
Unknown
CVE-2021-39128
Disclosure Date: September 16, 2021 (last updated February 23, 2025)
Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to execute arbitrary Java code via a server-side template injection vulnerability in the Email Template feature. The affected versions of Jira Server or Data Center are before version 8.13.12, and from version 8.14.0 before 8.19.1.
0
Attacker Value
Unknown
CVE-2021-39126
Disclosure Date: September 14, 2021 (last updated February 23, 2025)
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify various resources via a Cross-Site Request Forgery (CSRF) vulnerability, following an Information Disclosure vulnerability in the referrer headers which discloses a user's CSRF token. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.
0
Attacker Value
Unknown
CVE-2021-39127
Disclosure Date: September 14, 2021 (last updated February 23, 2025)
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to the query component JQL endpoint via a Broken Access Control vulnerability (BAC) vulnerability. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.
0
Attacker Value
Unknown
CVE-2021-39125
Disclosure Date: September 14, 2021 (last updated October 10, 2024)
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to discover the usernames of users via an enumeration vulnerability in the password reset page. The affected versions are before version 8.5.10, and from version 8.6.0 before 8.13.1.
0
Attacker Value
Unknown
CVE-2021-39121
Disclosure Date: September 08, 2021 (last updated November 28, 2024)
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to enumerate the keys of private Jira projects via an Information Disclosure vulnerability in the /rest/api/latest/projectvalidate/key endpoint. The affected versions are before version 8.5.18, from version 8.6.0 before 8.13.10, and from version 8.14.0 before 8.18.2.
0
Attacker Value
Unknown
CVE-2019-20101
Disclosure Date: September 01, 2021 (last updated February 23, 2025)
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view whitelist rules via a Broken Access Control vulnerability in the /rest/whitelist/<version>/check endpoint. The affected versions are before version 8.13.3, and from version 8.14.0 before 8.14.1.
0
Attacker Value
Unknown
CVE-2021-39109
Disclosure Date: September 01, 2021 (last updated February 23, 2025)
The renderWidgetResource resource in Atlasian Atlasboard before version 1.1.9 allows remote attackers to read arbitrary files via a path traversal vulnerability.
0
Attacker Value
Unknown
CVE-2021-39122
Disclosure Date: September 01, 2021 (last updated October 12, 2024)
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and from version 8.14.0 before 8.15.1.
0
