CVE-2025-67780

SpaceX Starlink Dish devices with firmware 2024.12.04.mr46620 e.g., on Mini1prod2 allow administrative actions via unauthenticated LAN gRPC requests, aka MARMALADE 2. The cross-origin policy can be bypassed by omitting a Referer header. In some cases, an attacker's ability to read tilt, rotation,...

CVE-2024-56356

In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack...

PT-2024-9847 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2024.12 Description: The issue exists due to the missing Content-Type header in the RemoteBuildLogController response, which could lead to a cross-site scripting XSS attack. This allows a remote attacker t...

PT-2024-9852 · Jetbrains · Jetbrains Teamcity +1

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2024.12 Description: The issue is related to the incorrect session expiration in the JetBrains TeamCity CI/CD system. Exploitation of this issue may allow a remote attacker to impact the confidentiality,...

PT-2024-9845 · Jetbrains · Jetbrains Teamcity +1

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2024.12 Description: The issue is related to improper access control in JetBrains TeamCity, which allowed viewing details of unauthorized agents. This could potentially enable a remote attacker to gain...