Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
JetbrainsTeamcity

23 matches found

CVE
CVEadded 2019/07/03 8:15 p.m.249 views

CVE-2019-12846

A user without the required permissions could gain access to some JetBrains TeamCity settings. The issue was fixed in TeamCity 2018.2.2.

4.3CVSS4.7AI score0.00003EPSS
CVE
CVEadded 2019/10/01 8:15 p.m.107 views

CVE-2019-15035

An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could get access to potentially confidential server-level data. The issue was fixed in TeamCity 2018.2.5 and 2019.1.

4.9CVSS5AI score0.00004EPSS
CVE
CVEadded 2022/05/12 9:15 a.m.87 views

CVE-2022-29928

In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible

4.9CVSS5.1AI score0.00004EPSS
CVE
CVEadded 2020/08/08 9:15 p.m.53 views

CVE-2020-15826

In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.

4.3CVSS4.6AI score0.00002EPSS
CVE
CVEadded 2021/02/03 4:15 p.m.52 views

CVE-2021-25774

In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.

4.3CVSS4.6AI score0.00002EPSS
CVE
CVEadded 2021/05/11 12:15 p.m.51 views

CVE-2021-31906

In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file.

4CVSS4.1AI score0.00002EPSS
CVE
CVEadded 2024/03/06 5:15 p.m.48 views

CVE-2024-28173

In JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosed

4.3CVSS4.7AI score0.00005EPSS
CVE
CVEadded 2020/01/30 6:15 p.m.46 views

CVE-2020-7908

In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages.

4.3CVSS4.7AI score0.00002EPSS
CVE
CVEadded 2024/03/28 3:15 p.m.46 views

CVE-2024-31140

In JetBrains TeamCity before 2024.03 server administrators could remove arbitrary files from the server by installing tools

4.9CVSS7AI score0.0001EPSS
CVE
CVEadded 2024/07/22 3:15 p.m.46 views

CVE-2024-41826

In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page

4.8CVSS6AI score0.0013EPSS
CVE
CVEadded 2024/12/20 3:15 p.m.46 views

CVE-2024-56348

In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents

4.3CVSS7AI score0.00002EPSS
CVE
CVEadded 2019/10/31 4:15 p.m.44 views

CVE-2019-18365

In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several pages.

4.3CVSS4.7AI score0.00003EPSS
CVE
CVEadded 2020/11/16 3:15 p.m.44 views

CVE-2020-27628

In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records.

4.3CVSS4.6AI score0.00002EPSS
CVE
CVEadded 2024/12/20 3:15 p.m.44 views

CVE-2024-56350

In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects

4.3CVSS7AI score0.00002EPSS
CVE
CVEadded 2020/04/22 2:15 p.m.42 views

CVE-2020-11938

In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2.

4.9CVSS5.1AI score0.00004EPSS
CVE
CVEadded 2023/05/31 2:15 p.m.42 views

CVE-2023-34224

In JetBrains TeamCity before 2023.05 open redirect during oAuth configuration was possible

4.8CVSS5.2AI score0.00003EPSS
CVE
CVEadded 2025/01/21 6:15 p.m.39 views

CVE-2025-24460

In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool

4.3CVSS6.8AI score0.00001EPSS
CVE
CVEadded 2020/04/22 2:15 p.m.38 views

CVE-2020-11686

In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings.

4CVSS4AI score0.00003EPSS
CVE
CVEadded 2015/01/13 3:59 p.m.35 views

CVE-2014-10036

Cross-site scripting (XSS) vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to inject arbitrary web script or HTML via the cameFromUrl parameter to feed/generateFeedUrl.html.

4.3CVSS5.9AI score0.00004EPSS
CVE
CVEadded 2023/05/31 2:15 p.m.35 views

CVE-2023-34219

In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration settings via REST API

4.3CVSS4.6AI score0.00003EPSS
CVE
CVEadded 2025/06/23 3:15 p.m.5 views

CVE-2025-52877

In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible

4.8CVSS5AI score0.00016EPSS
CVE
CVEadded 2025/06/23 3:15 p.m.5 views

CVE-2025-52879

In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible

4.8CVSS5AI score0.00016EPSS
CVE
CVEadded 2025/06/23 3:15 p.m.3 views

CVE-2025-52878

In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions

4.3CVSS4.8AI score0.00002EPSS