Latest atlassian bitbucket Vulnerabilities

CVE-2023-34064
Privilege Escalation Vulnerability
Apple Webkit
Microsoft Power Platform
Microsoft Azure Logic Apps
Microsoft Windows
Adobe Prelude
Adobe Illustrator
and 19 more
CVE-2023-35641
Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
Microsoft Windows Server 2008
Microsoft Windows 11=21H2
Microsoft Windows Server 2008
Microsoft Windows 10=21H2
Microsoft Windows Server 2022
Microsoft Windows 11=22H2
and 69 more
CVE-2023-35628
Windows MSHTML Platform Remote Code Execution Vulnerability
Microsoft Windows 11=21H2
Microsoft Windows 10=21H2
Microsoft Windows 11=22H2
Microsoft Windows 10=21H2
Microsoft Windows 10
Microsoft Windows 10=22H2
and 65 more
CVE-2023-36019
Microsoft Power Platform Connector Spoofing Vulnerability
Microsoft Power Platform
Microsoft Azure Logic Apps
Microsoft Azure Logic Apps<3.23113
Microsoft Power Platform<3.23113
Apple Webkit
Microsoft Power Platform
and 22 more
CVE-2023-35630
Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows 10=1809
Microsoft Windows 10=1607
Microsoft Windows 10=1809
Microsoft Windows Server 2012
Microsoft Windows 11=22H2
and 70 more
CVE-2023-41678
Double free in cache management
Apple Webkit
Microsoft Power Platform
Microsoft Azure Logic Apps
Microsoft Windows
Adobe Prelude
Adobe Illustrator
and 30 more
CVE-2023-33063
Use After Free in DSP Services
Qualcomm Multiple Chipsets
Google Android
Qualcomm 315 5g Iot Modem Firmware
Qualcomm 315 5g Iot Modem
Google Android
Qualcomm Apq8017
and 581 more
CVE-2023-33106
Use of Out-of-range Pointer Offset in Graphics
Qualcomm Multiple Chipsets
Google Android
Google Android
Qualcomm Ar8035
Qualcomm Csra6620 Firmware
Google Android
and 325 more
CVE-2023-33107
Integer Overflow or Wraparound in Graphics Linux
Apple Webkit
Microsoft Power Platform
Microsoft Azure Logic Apps
Microsoft Windows
Adobe Prelude
Adobe Illustrator
and 503 more
CVE-2023-20588
Xen Security Advisory 439 v1 (CVE-2023-20588) - x86/AMD: Divide speculative information leak
Debian Debian Linux=11.0
Debian Debian Linux=12.0
Amd Epyc 7351p Firmware
Amd Epyc 7351p
Amd Epyc 7401p Firmware
Amd Epyc 7401p
and 349 more
CVE-2023-3541
ThinuTech ThinuCMS author_posts.php cross site scripting
Thinutech Thinu-cms=1.5
Apple Webkit
Microsoft Power Platform
Microsoft Azure Logic Apps
Microsoft Windows
Adobe Prelude
and 20 more
CVE-2022-43781
There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbi...
Atlassian Bitbucket>=7.0.0<7.6.19
Atlassian Bitbucket>=7.7.0<7.17.12
Atlassian Bitbucket>=7.18.0<7.21.6
Atlassian Bitbucket>=7.22.0<8.0.5
Atlassian Bitbucket>=8.1.0<8.1.5
Atlassian Bitbucket>=8.2.0<8.2.4
and 2 more
CVE-2022-36804
Atlassian Bitbucket Server and Data Center Command Injection Vulnerability
Atlassian Bitbucket>=7.0.0<7.6.17
Atlassian Bitbucket>=7.7.0<7.17.10
Atlassian Bitbucket>=7.18.0<7.21.4
Atlassian Bitbucket>=8.0.0<8.0.3
Atlassian Bitbucket>=8.1.0<8.1.3
Atlassian Bitbucket>=8.2.0<8.2.2
and 2 more
CVE-2022-26137
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassi...
Atlassian Bamboo>=7.2.0<7.2.10
Atlassian Bamboo>=8.0.0<8.0.9
Atlassian Bamboo>=8.1.0<8.1.8
Atlassian Bamboo>=8.2.0<8.2.4
Atlassian Bitbucket<7.6.16
Atlassian Bitbucket>=7.7.0<7.17.8
and 36 more
CVE-2022-26136
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by e...
Atlassian Bamboo>=7.2.0<7.2.10
Atlassian Bamboo>=8.0.0<8.0.9
Atlassian Bamboo>=8.1.0<8.1.8
Atlassian Bamboo>=8.2.0<8.2.4
Atlassian Bitbucket<7.6.16
Atlassian Bitbucket>=7.7.0<7.17.8
and 36 more
CVE-2020-36233
The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileg...
Atlassian Bitbucket<6.10.9
Atlassian Bitbucket>=7.0.0<7.6.4
Atlassian Bitbucket>=7.7.0<7.10.1
Microsoft Windows
CVE-2020-14170
Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulne...
Atlassian Bitbucket>=5.4.0<7.3.1
CVE-2020-14171
Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote attackers to intercept unencrypted repository import requests via a Man-in-the-Middle (MITM) attack.
Atlassian Bitbucket>=4.9.0<7.2.4
CVE-2019-15012
Atlassian Bitbucket>=4.13.0<5.6.11
Atlassian Bitbucket>=6.0.0<6.0.11
Atlassian Bitbucket>=6.1.0<6.1.9
Atlassian Bitbucket>=6.2.0<6.2.7
Atlassian Bitbucket>=6.3.0<6.3.6
Atlassian Bitbucket>=6.4.0<6.4.4
and 5 more
CVE-2019-20097
Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version...
Atlassian Bitbucket>=1.0.0<5.6.11
Atlassian Bitbucket>=6.0.0<6.0.11
Atlassian Bitbucket>=6.1.0<6.1.9
Atlassian Bitbucket>=6.2.0<6.2.7
Atlassian Bitbucket>=6.3.0<6.3.6
Atlassian Bitbucket>=6.4.0<6.4.4
and 5 more
CVE-2019-15005
The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results to a user-specified email address due to ...
Atlassian Troubleshooting and Support<1.17.2
Atlassian Bamboo<6.10.2
Atlassian Bitbucket<6.6.0
Atlassian Confluence<7.0.1
Atlassian Crowd<3.6.0
Atlassian Crucible<4.7.2
and 2 more
CVE-2019-15000
The commit diff rest endpoint in Bitbucket Server and Data Center before 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 before 6.0.10 (the fixed version for 6.0.x), from 6.1.0 before 6.1.8 (the f...
Atlassian Bitbucket>=5.16.0<5.16.10
Atlassian Bitbucket>=6.0.0<6.0.10
Atlassian Bitbucket>=6.1.0<6.1.8
Atlassian Bitbucket>=6.2.0<6.2.6
Atlassian Bitbucket>=6.3.0<6.3.5
Atlassian Bitbucket>=6.4.0<6.4.3
and 1 more
CVE-2019-3397
Atlassian Bitbucket Data Center licensed instances starting with version 5.13.0 before 5.13.6 (the fixed version for 5.13.x), from 5.14.0 before 5.14.4 (fixed version for 5.14.x), from 5.15.0 before 5...
Atlassian Bitbucket>=5.13.0<5.13.6
Atlassian Bitbucket>=5.14.0<5.14.4
Atlassian Bitbucket>=5.15.0<5.15.3
Atlassian Bitbucket>=5.16.0<5.16.3
Atlassian Bitbucket>=6.0.0<6.0.3
Atlassian Bitbucket>=6.1.0<6.1.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203