Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
JetbrainsTeamcity

35 matches found

cve
cveadded 2023/09/19 5:15 p.m.3149 views

CVE-2023-42793

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible

9.8CVSS9.6AI score0.94582EPSS
In wild
cve
cveadded 2023/05/31 2:15 p.m.71 views

CVE-2023-34218

In JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin actions was possible

9.8CVSS9.3AI score0.00002EPSS
cve
cveadded 2023/03/27 5:15 p.m.58 views

CVE-2022-48427

In JetBrains TeamCity before 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possible

5.4CVSS5.2AI score0.00038EPSS
cve
cveadded 2023/02/23 4:15 p.m.52 views

CVE-2022-48343

In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process.

6.1CVSS5.9AI score0.03586EPSS
cve
cveadded 2023/03/27 4:15 p.m.52 views

CVE-2022-48426

In JetBrains TeamCity before 2022.10.3 stored XSS in Perforce connection settings was possible

5.4CVSS5.2AI score0.00038EPSS
cve
cveadded 2023/09/19 5:15 p.m.50 views

CVE-2023-43566

In JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configuration

5.4CVSS5.2AI score0.00051EPSS
cve
cveadded 2023/02/23 4:15 p.m.48 views

CVE-2022-48344

In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the group creation process.

6.1CVSS5.9AI score0.00035EPSS
cve
cveadded 2023/03/27 5:15 p.m.48 views

CVE-2022-48428

In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible

5.4CVSS5.2AI score0.03028EPSS
cve
cveadded 2023/05/31 2:15 p.m.45 views

CVE-2023-34227

In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks

7.5CVSS7.4AI score0.00003EPSS
cve
cveadded 2023/02/23 4:15 p.m.44 views

CVE-2022-48342

In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.

9.8CVSS9.4AI score0.00002EPSS
cve
cveadded 2023/07/25 3:15 p.m.44 views

CVE-2023-39173

In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access

8.8CVSS8.7AI score0.00002EPSS
cve
cveadded 2023/07/25 3:15 p.m.44 views

CVE-2023-39175

In JetBrains TeamCity before 2023.05.2 reflected XSS via GitHub integration was possible

6.1CVSS6AI score0.00022EPSS
cve
cveadded 2023/05/31 2:15 p.m.43 views

CVE-2023-34224

In JetBrains TeamCity before 2023.05 open redirect during oAuth configuration was possible

4.8CVSS5.2AI score0.00003EPSS
cve
cveadded 2023/05/31 2:15 p.m.39 views

CVE-2023-34229

In JetBrains TeamCity before 2023.05 stored XSS in GitLab Connection page was possible

5.4CVSS5AI score0.00041EPSS
cve
cveadded 2023/07/12 1:15 p.m.39 views

CVE-2023-38065

In JetBrains TeamCity before 2023.05.1 stored XSS while viewing the build log was possible

5.4CVSS5.2AI score0.00041EPSS
cve
cveadded 2023/12/15 2:15 p.m.39 views

CVE-2023-50870

In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible

8.8CVSS8.6AI score0.00005EPSS
cve
cveadded 2023/05/31 2:15 p.m.38 views

CVE-2023-34222

In JetBrains TeamCity before 2023.05 possible XSS in the Plugin Vendor URL was possible

6.1CVSS5.9AI score0.00017EPSS
cve
cveadded 2023/07/25 3:15 p.m.38 views

CVE-2023-39174

In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue trackers

7.5CVSS7.5AI score0.00002EPSS
cve
cveadded 2023/08/25 1:15 p.m.38 views

CVE-2023-41248

In JetBrains TeamCity before 2023.05.3 stored XSS was possible during Cloud Profiles configuration

5.4CVSS5.2AI score0.00356EPSS
cve
cveadded 2023/05/31 2:15 p.m.37 views

CVE-2023-34219

In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration settings via REST API

4.3CVSS4.6AI score0.00002EPSS
cve
cveadded 2023/05/31 2:15 p.m.37 views

CVE-2023-34228

In JetBrains TeamCity before 2023.05 authentication checks were missing – 2FA was not checked for some sensitive account actions

6.5CVSS6.6AI score0.00002EPSS
cve
cveadded 2023/07/12 1:15 p.m.37 views

CVE-2023-38061

In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible

5.4CVSS5.2AI score0.00041EPSS
cve
cveadded 2023/05/31 2:15 p.m.36 views

CVE-2023-34223

In JetBrains TeamCity before 2023.05 parameters of the "password" type from build dependencies could be logged in some cases

5.3CVSS5.3AI score0.00003EPSS
cve
cveadded 2023/07/12 1:15 p.m.35 views

CVE-2023-38064

In JetBrains TeamCity before 2023.05.1 build chain parameters of the "password" type could be written to the agent log

6.5CVSS6.4AI score0.00003EPSS
cve
cveadded 2023/07/12 1:15 p.m.35 views

CVE-2023-38067

In JetBrains TeamCity before 2023.05.1 build parameters of the "password" type could be written to the agent log

6.5CVSS6.4AI score0.00003EPSS
cve
cveadded 2023/08/25 1:15 p.m.35 views

CVE-2023-41250

In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration

6.1CVSS6AI score0.0022EPSS
cve
cveadded 2023/06/29 3:15 p.m.34 views

CVE-2015-1313

JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request.

6.5CVSS6.4AI score0.00002EPSS
cve
cveadded 2023/05/31 2:15 p.m.34 views

CVE-2023-34226

In JetBrains TeamCity before 2023.05 reflected XSS in the Subscriptions page was possible

6.1CVSS5.9AI score0.00017EPSS
cve
cveadded 2023/05/31 2:15 p.m.33 views

CVE-2023-34225

In JetBrains TeamCity before 2023.05 stored XSS in the NuGet feed page was possible

5.4CVSS5.2AI score0.03246EPSS
cve
cveadded 2023/07/12 1:15 p.m.33 views

CVE-2023-38063

In JetBrains TeamCity before 2023.05.1 stored XSS while running custom builds was possible

5.4CVSS5.2AI score0.00041EPSS
cve
cveadded 2023/05/31 2:15 p.m.32 views

CVE-2023-34220

In JetBrains TeamCity before 2023.05 stored XSS in the Commit Status Publisher window was possible

5.4CVSS5.2AI score0.04189EPSS
cve
cveadded 2023/05/31 2:15 p.m.32 views

CVE-2023-34221

In JetBrains TeamCity before 2023.05 stored XSS in the Show Connection page was possible

5.4CVSS5.2AI score0.00041EPSS
cve
cveadded 2023/07/12 1:15 p.m.32 views

CVE-2023-38066

In JetBrains TeamCity before 2023.05.1 reflected XSS via the Referer header was possible during artifact downloads

6.1CVSS5.9AI score0.00022EPSS
cve
cveadded 2023/08/25 1:15 p.m.32 views

CVE-2023-41249

In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build Step

6.1CVSS6AI score0.80642EPSS
cve
cveadded 2023/07/12 1:15 p.m.29 views

CVE-2023-38062

In JetBrains TeamCity before 2023.05.1 parameters of the "password" type could be shown in the UI in certain composite build configurations

6.5CVSS6.4AI score0.00003EPSS