132 matches found
CVE-2024-41825
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab...
EUVD-2023-59721
Malicious code in bioql PyPI...
EUVD-2023-53940
Malicious code in bioql PyPI...
EUVD-2025-4199
Malicious code in bioql PyPI...
CVE-2025-26493
In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab...
CVE-2025-26493
In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab...
CVE-2025-26493
In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab...
CVE-2025-26493
In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab...
CVE-2025-26493
CVE-2025-26493 describes a DOM-based XSS in JetBrains TeamCity prior to 2024.12.2, specifically affecting the Code Inspection Report tab. The root cause is insufficient filtering/escaping of user-supplied data within that tab, enabling arbitrary script execution in the victim’s browser. Affected ...
CVE-2025-26493
In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab...
PT-2025-6219
Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2024.12.2 Description The issue concerns a DOM-based cross-site scripting XSS condition in the Code Inspection Report tab. This occurs due to insufficient protection of the web page structure. Exploitation...
CVE-2024-57881
In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In splitlargebuddy, we might call pfntopage on a PFN that might not exist. In corner cases, such as when freeing the highest pageblock in the last...
PT-2025-3606 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises in the split large buddy function where pfn to page might be called on a possibly non-existent PFN. In specific corner cases, such as freeing the highest pageblock in...
CVE-2024-46677
In the Linux kernel, the following vulnerability has been resolved: gtp: fix a potential NULL pointer dereference When sockfdlookup fails, gtpencapenablesocket returns a NULL pointer, but its callers only check for error pointers thus miss the NULL pointer case. Fix it by returning an error point...
CVE-2024-43888
CVE-2024-43888 pertains to the Linux kernel memory-control path. The advisory fixes a use-after-free in mm/list_lru for memory cgroups: mem_cgroup_from_slab_obj() must be called under RCU protection (rcu_read_lock) or with appropriate locks; without it, a memcg could be freed while still used. Th...
JetBrains TeamCity Cross-Site Scripting Vulnerability (CNVD-2025-16721)
JetBrains TeamCity is a Continuous Integration CI/CD tool that is primarily used to automate the software build, test, and deployment process. JetBrains TeamCity suffers from a cross-site scripting vulnerability that can be exploited by an attacker to store XSS on the code inspection tab...
TeamCity Server < 2024.7 Multiple Vulnerabilities
According to its its self-reported version number, the version of JetBrains TeamCity running on the remote host is a version prior to 2024.7 It is, therefore, affected by multiple vulnerabilities: - Access tokens could continue working after deletion or expiration CVE-2024-41827 - Parameters of t...
CVE-2024-41825
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab...
CVE-2024-41825
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab...
CVE-2024-41825
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab...