Month: February 2020
-
CVE-2019-20404 – The API in Atlassian Jira Server and Data Center before version 8.6.0 allows authenticated …
The API in Atlassian Jira Server and Data Center before version 8.6.0 allows authenticated remote attackers to determine project titles …
-
CVE-2019-20403 – The API in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attack …
The API in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to determine if a Jira project key exists or …
-
CVE-2019-20402 – Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be d …
Support zip files in Atlassian Jira Server and Data Center before version 8.6.0 could be downloaded by a System Administrator user without …
-
CVE-2019-20401 – Various installation setup resources in Jira before version 8.5.2 allow remote attackers t …
Various installation setup resources in Jira before version 8.5.2 allow remote attackers to configure a Jira instance, which has not yet …
-
CVE-2019-20400 – The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to …
The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write a dll file to a directory in the global …
-
CVE-2019-20106 – Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8 …
Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0 before version 8.5.4, and 8.6.0 before …
-
CVE-2019-20104 – The OpenID client application in Atlassian Crowd before version 3.6.2, and from version 3. …
The OpenID client application in Atlassian Crowd before version 3.6.2, and from version 3.7.0 before 3.7.1 allows remote attackers to …
-
CVE-2011-1597 – OpenVAS Manager v2.0.3 allows plugin remote code execution. …
OpenVAS Manager v2.0.3 allows plugin remote code …
-
Malicious warez hosted on Bitbucket get more than 500,000 downloads
“This campaign deploys an arsenal of malware for a multi-pronged assault on businesses,” Cybereason researchers Lior Rochberger and Assaf …
-
IoT Malware Campaign Infects Global Manufacturing Sites
A new malware campaign built to exploit flaws in connected devices is targeting manufacturers around the world and affecting products from …
-
Department of Energy Adds Attivo Decoys for Critical Infrastructure Security
The US Department of Energy’s Office of Technology Transitions (OTT) Technology Commercialization Fund (TCF) and the Pacific Northwest …
-
The newest cybersecurity IPO has no product, customers or sales – yet
A technology company went public late last month with no customers, no product, no venture capital investment or not even a clear idea of …
●●●