Filters

Versions

2018.2.4
2

Jetbrains TeamcityPath Traversal

high
7.5
First published (updated )
CVE-2024-47949

Jetbrains TeamcityPath Traversal

high
7.5
First published (updated )
CVE-2024-47948

Jetbrains TeamcityIn JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory perm…

high
7.8
First published (updated )
CVE-2024-43114

Jetbrains TeamcityIn JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space App…

high
7.5
First published (updated )
CVE-2024-41829

SolarWinds Access Rights ManagerSolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution

high
8
EPSS
0.04%
First published (updated )
CVE-2024-23478

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Jetbrains TeamcityCSRF

high
8.8
First published (updated )
CVE-2023-50870

Jetbrains TeamcityIn JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue tracke…

high
7.5
First published (updated )
CVE-2023-39174

Jetbrains TeamcityIn JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full a…

high
8.8
First published (updated )
CVE-2023-39173

Jetbrains TeamcityIn JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks

high
7.5
First published (updated )
CVE-2023-34227

Jetbrains TeamcityIn JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log …

high
7.5
First published (updated )
CVE-2022-44624

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Jetbrains TeamcityIn JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in th…

high
7.5
First published (updated )
CVE-2022-44623

Jetbrains TeamcityIn JetBrains TeamCity before 2022.04.2 build parameter injection was possible

high
8.8
First published (updated )
CVE-2022-36322

Jetbrains TeamcityIn JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be logged …

high
7.5
First published (updated )
CVE-2022-25264

Jetbrains TeamcityCSRF

high
8.8
First published (updated )
CVE-2022-24342

Jetbrains TeamcityIn JetBrains TeamCity before 2021.2.1, editing a user account to change its password didn't terminat…

high
7.5
First published (updated )
CVE-2022-24341

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Jetbrains TeamcityJetBrains TeamCity before 2021.2 was vulnerable to a Time-of-check/Time-of-use (TOCTOU) race-conditi…

high
8.1
First published (updated )
CVE-2022-24335

Jetbrains TeamcityIn JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialo…

high
7.5
First published (updated )
CVE-2021-43196

Jetbrains TeamcityIn JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS.

high
7.5
First published (updated )
CVE-2021-37548

Jetbrains TeamcityIn JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were ma…

high
7.5
First published (updated )
CVE-2021-37545

Jetbrains TeamcityIn JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitH…

high
7.5
First published (updated )
CVE-2021-31913

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Jetbrains TeamcityIn JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password r…

high
8.8
First published (updated )
CVE-2021-31912

Jetbrains TeamcitySSRF

high
7.5
First published (updated )
CVE-2021-31910

Jetbrains TeamcityIn the TeamCity IntelliJ plugin before 2020.2.2.85899, DoS was possible.

high
7.5
First published (updated )
CVE-2021-26310

Jetbrains TeamcitySSRF

high
7.5
First published (updated )
CVE-2020-35667

Jetbrains TeamcityIn JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.

high
7.5
First published (updated )
CVE-2021-25776

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Jetbrains TeamcityIn JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users'…

high
8.8
First published (updated )
CVE-2020-15825

Jetbrains TeamcityIn JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his ses…

high
7.5
First published (updated )
CVE-2020-11688

Jetbrains TeamcityInfoleak

high
7.5
First published (updated )
CVE-2020-11687

Jetbrains TeamcityIn JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI.

high
7.5
First published (updated )
CVE-2020-7909

Jetbrains TeamcityAn issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for som…

high
7.5
First published (updated )
CVE-2019-15042

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Jetbrains TeamcityAn issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity server was not using some secur…

high
7.5
First published (updated )
CVE-2019-15038

Jetbrains TeamcityInput Validation

high
7.5
First published (updated )
CVE-2019-12841

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203