46 matches found
CVE-2026-49374
In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters...
CVE-2026-49374
In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters...
CVE-2026-49374
In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters...
JetBrains TeamCity < 2025.11.3 Multiple Vulnerabilities
The version of JetBrains TeamCity installed on the remote host is prior to 2025.11.3. It is, therefore, affected by multiple vulnerabilities: - Open redirect was possible in the React project creation flow. CVE-2026-28194 - Missing authorization allowed project developers to add parameters to bui...
JetBrains TeamCity 安全漏洞
JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2025.11.3...
PT-2026-21905
In JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurations...
Jenkins 安全漏洞
Jenkins is an open-source application developed by Jenkins Project. The open-source automation server Jenkins offers hundreds of plugins to support building, deploying, and automating any project. Jenkins versions 2.55 and earlier, as well as LTS versions 2.541.1 and earlier, have security...
EUVD-2016-4741
Malware in sbrugna...
EUVD-2024-25303
Malicious code in bioql PyPI...
EUVD-2022-3405
Malicious code in bioql PyPI...
CVE-2025-53652
Jenkins Git Parameter Plugin 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices, allowing attackers with Item/Build permission to inject arbitrary values into Git parameters...
CVE-2024-28173
In JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosed...
CVE-2024-28154
Jenkins MQ Notifier Plugin 1.4.0 and earlier logs potentially sensitive build parameters as part of debug information in build logs by default...
CVE-2023-38067
In JetBrains TeamCity before 2023.05.1 build parameters of the "password" type could be written to the agent log...
CVE-2020-2289
Jenkins Active Choices Plugin 2.4 and earlier does not escape the name and description of build parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection due to insufficient validation of input parameters in the maven build process. An attacker can execute arbitrary commands by injecting malicious input into the build parameters. Note: This is only exploitable...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection due to improper validation of parameter input. An attacker can execute arbitrary commands by injecting malicious input into the build parameters. Note: This is only exploitable if the user has system-level...
GHSA-5V69-92VW-FMJH Apache StreamPark: maven build params could trigger remote command execution
In streampark, the project module integrates Maven's compilation capabilities. The input parameter validation is not strict, allowing attackers to insert commands for remote command execution, The prerequisite for a successful attack is that the user needs to log in to the streampark system and...
CVE-2024-28173
In JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosed...
CVE-2024-28173
In JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosed...