|
246871
|
6.1 |
MEDIUM
Network
|
atlassian
|
jira
jira_server
|
Various resources in Atlassian Jira before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.…
|
CWE-79
Cross-site Scripting
|
CVE-2018-13395
|
2024-11-21 12:47 |
2018-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246872
|
5.3 |
MEDIUM
Network
|
atlassian
|
jira
jira_server
|
The ProfileLinkUserFormat component of Jira Server before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, fro…
|
CWE-200
Information Exposure
|
CVE-2018-13391
|
2024-11-21 12:47 |
2018-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246873
|
7.0 |
HIGH
Local
|
linecorp
|
line
|
An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value…
|
CWE-287
Improper Authentication
|
CVE-2018-13446
|
2024-11-21 12:47 |
2018-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246874
|
7.0 |
HIGH
Local
|
linecorp
|
line
|
An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcod…
|
CWE-287
Improper Authentication
|
CVE-2018-13435
|
2024-11-21 12:47 |
2018-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246875
|
6.3 |
MEDIUM
Physics
|
linecorp
|
line
|
An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The LAContext class for Biometric (TouchID) validation allows authentication bypass by overriding the LAContext return Boo…
|
CWE-287
Improper Authentication
|
CVE-2018-13434
|
2024-11-21 12:47 |
2018-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246876
|
6.5 |
MEDIUM
Network
|
atlassian
|
questions_for_confluence
|
The acceptAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote…
|
CWE-352
Origin Validation Error
|
CVE-2018-13394
|
2024-11-21 12:47 |
2018-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246877
|
6.5 |
MEDIUM
Network
|
atlassian
|
questions_for_confluence
|
The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, all…
|
CWE-352
Origin Validation Error
|
CVE-2018-13393
|
2024-11-21 12:47 |
2018-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246878
|
9.8 |
CRITICAL
Network
|
vuze
|
bittorrent_client
|
In Vuze Bittorrent Client 5.7.6.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this v…
|
CWE-611
XXE
|
CVE-2018-13417
|
2024-11-21 12:47 |
2018-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246879
|
9.8 |
CRITICAL
Network
|
plex
|
media_server
|
In Plex Media Server 1.13.2.5154, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vu…
|
CWE-611
XXE
|
CVE-2018-13415
|
2024-11-21 12:47 |
2018-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246880
|
6.1 |
MEDIUM
Network
|
atlassian
|
fisheye
crucible
|
Several resources in Atlassian Fisheye and Crucible before version 4.6.0 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in linked issue k…
|
CWE-79
Cross-site Scripting
|
CVE-2018-13392
|
2024-11-21 12:47 |
2018-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
