|
248981
|
6.1 |
MEDIUM
Network
|
atlassian
|
jira
jira_server
|
The XsrfErrorAction resource in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from ve…
|
CWE-601
Open Redirect
|
CVE-2018-13401
|
2024-11-21 12:47 |
2018-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248982
|
4.7 |
MEDIUM
Network
|
atlassian
|
jira
jira_server
|
Several administrative resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, fro…
|
CWE-269
Improper Privilege Management
|
CVE-2018-13400
|
2024-11-21 12:47 |
2018-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248983
|
7.8 |
HIGH
Local
|
atlassian
|
fisheye
crucible
|
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-13399
|
2024-11-21 12:47 |
2018-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248984
|
6.5 |
MEDIUM
Network
|
atlassian
|
fisheye
crucible
|
The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vulner…
|
CWE-352
Origin Validation Error
|
CVE-2018-13398
|
2024-11-21 12:47 |
2018-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248985
|
7.8 |
HIGH
Local
|
zohocorp
|
manageengine_desktop_central
|
An issue was discovered in the Self Service Portal in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges. I…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-13412
|
2024-11-21 12:47 |
2018-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248986
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_desktop_central
|
An issue was discovered in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges. In cloud, the issue is fixed…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-13411
|
2024-11-21 12:47 |
2018-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248987
|
6.1 |
MEDIUM
Network
|
atlassian
|
jira
jira_server
|
Various resources in Atlassian Jira before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.…
|
CWE-79
Cross-site Scripting
|
CVE-2018-13395
|
2024-11-21 12:47 |
2018-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248988
|
5.3 |
MEDIUM
Network
|
atlassian
|
jira
jira_server
|
The ProfileLinkUserFormat component of Jira Server before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, fro…
|
CWE-200
Information Exposure
|
CVE-2018-13391
|
2024-11-21 12:47 |
2018-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248989
|
7.0 |
HIGH
Local
|
linecorp
|
line
|
An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value…
|
CWE-287
Improper Authentication
|
CVE-2018-13446
|
2024-11-21 12:47 |
2018-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248990
|
7.0 |
HIGH
Local
|
linecorp
|
line
|
An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcod…
|
CWE-287
Improper Authentication
|
CVE-2018-13435
|
2024-11-21 12:47 |
2018-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
