Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (240 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-46831 1 Jetbrains 1 Teamcity 2025-04-22 6.6 Medium
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
CVE-2014-10002 1 Jetbrains 1 Teamcity 2025-04-12 N/A
Unspecified vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to obtain sensitive information via unknown vectors.
CVE-2014-10036 1 Jetbrains 1 Teamcity 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to inject arbitrary web script or HTML via the cameFromUrl parameter to feed/generateFeedUrl.html.
CVE-2022-48342 1 Jetbrains 1 Teamcity 2025-03-12 5.2 Medium
In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.
CVE-2022-48344 1 Jetbrains 1 Teamcity 2025-03-11 5.4 Medium
In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the group creation process.
CVE-2022-48343 1 Jetbrains 1 Teamcity 2025-03-11 5.4 Medium
In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process.
CVE-2022-48426 1 Jetbrains 1 Teamcity 2025-02-19 4.6 Medium
In JetBrains TeamCity before 2022.10.3 stored XSS in Perforce connection settings was possible
CVE-2022-48428 1 Jetbrains 1 Teamcity 2025-02-19 4.6 Medium
In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible
CVE-2022-48427 1 Jetbrains 1 Teamcity 2025-02-19 4.6 Medium
In JetBrains TeamCity before 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possible
CVE-2024-36371 1 Jetbrains 1 Teamcity 2025-02-07 4.6 Medium
In JetBrains TeamCity before 2023.05.6, 2023.11.5 stored XSS in Commit status publisher was possible
CVE-2024-36470 1 Jetbrains 1 Teamcity 2025-02-07 8.1 High
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases
CVE-2025-24461 1 Jetbrains 1 Teamcity 2025-01-30 6.5 Medium
In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint
CVE-2025-24460 1 Jetbrains 1 Teamcity 2025-01-30 4.3 Medium
In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool
CVE-2025-24459 1 Jetbrains 1 Teamcity 2025-01-30 4.6 Medium
In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection page
CVE-2024-36378 1 Jetbrains 1 Teamcity 2025-01-27 5.9 Medium
In JetBrains TeamCity before 2024.03.2 server was susceptible to DoS attacks with incorrect auth tokens
CVE-2024-36377 1 Jetbrains 1 Teamcity 2025-01-27 6.5 Medium
In JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissions
CVE-2024-36376 1 Jetbrains 1 Teamcity 2025-01-27 6.5 Medium
In JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissions
CVE-2024-36375 1 Jetbrains 1 Teamcity 2025-01-27 5.3 Medium
In JetBrains TeamCity before 2024.03.2 technical information regarding TeamCity server could be exposed
CVE-2024-36374 1 Jetbrains 1 Teamcity 2025-01-27 4.6 Medium
In JetBrains TeamCity before 2024.03.2 stored XSS via build step settings was possible
CVE-2024-36373 1 Jetbrains 1 Teamcity 2025-01-27 4.6 Medium
In JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible