Search Results (364156 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-31915 1 Jetbrains 1 Teamcity 2024-11-21 9.8 Critical
In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible.
CVE-2021-31914 2 Jetbrains, Microsoft 2 Teamcity, Windows 2024-11-21 9.8 Critical
In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.
CVE-2021-31913 1 Jetbrains 1 Teamcity 2024-11-21 7.5 High
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange.
CVE-2021-31912 1 Jetbrains 1 Teamcity 2024-11-21 8.8 High
In JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password reset.
CVE-2021-31911 1 Jetbrains 1 Teamcity 2024-11-21 6.1 Medium
In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages.
CVE-2021-31910 1 Jetbrains 1 Teamcity 2024-11-21 7.5 High
In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible.
CVE-2021-31909 1 Jetbrains 1 Teamcity 2024-11-21 9.8 Critical
In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.
CVE-2021-31908 1 Jetbrains 1 Teamcity 2024-11-21 5.4 Medium
In JetBrains TeamCity before 2020.2.3, stored XSS was possible on several pages.
CVE-2021-31907 1 Jetbrains 1 Teamcity 2024-11-21 5.3 Medium
In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly.
CVE-2021-31906 1 Jetbrains 1 Teamcity 2024-11-21 2.7 Low
In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file.
CVE-2021-31905 1 Jetbrains 1 Youtrack 2024-11-21 7.5 High
In JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was possible.
CVE-2021-31904 1 Jetbrains 1 Teamcity 2024-11-21 6.1 Medium
In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page.
CVE-2021-31903 1 Jetbrains 1 Youtrack 2024-11-21 6.1 Medium
In JetBrains YouTrack before 2021.1.9819, a pull request's title was sanitized insufficiently, leading to XSS.
CVE-2021-31902 1 Jetbrains 1 Youtrack 2024-11-21 7.5 High
In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemented improperly.
CVE-2021-31901 1 Jetbrains 1 Hub 2024-11-21 7.5 High
In JetBrains Hub before 2021.1.13079, two-factor authentication wasn't enabled properly for the All Users group.
CVE-2021-31900 1 Jetbrains 1 Code With Me 2024-11-21 5.3 Medium
In JetBrains Code With Me bundled to the compatible IDE versions before 2021.1, a client could open a browser on a host.
CVE-2021-31899 1 Jetbrains 1 Code With Me 2024-11-21 8.8 High
In JetBrains Code With Me bundled to the compatible IDEs before version 2021.1, the client could execute code in read-only mode.
CVE-2021-31898 1 Jetbrains 1 Webstorm 2024-11-21 7.5 High
In JetBrains WebStorm before 2021.1, HTTP requests were used instead of HTTPS.
CVE-2021-31897 1 Jetbrains 1 Webstorm 2024-11-21 9.8 Critical
In JetBrains WebStorm before 2021.1, code execution without user confirmation was possible for untrusted projects.
CVE-2021-31894 1 Siemens 8 Simatic Pcs 7, Simatic Pcs 7 Firmware, Simatic Pdm and 5 more 2024-11-21 8.8 High
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All versions < V9.1 SP2), SIMATIC PDM (All versions < V9.2 SP2), SIMATIC STEP 7 V5.X (All versions < V5.7), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 SP2 HF1). A directory containing metafiles relevant to devices' configurations has write permissions. An attacker could leverage this vulnerability by changing the content of certain metafiles and subsequently manipulate parameters or behavior of devices that would be later configured by the affected software.