OpenCVE

Filtered by vendor Jetbrains Subscriptions

Filtered by product Teamcity Subscriptions

Total 173 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-24340	1 Jetbrains	1 Teamcity	2024-08-03	9.8 Critical
In JetBrains TeamCity before 2021.2.1, XXE during the parsing of the configuration file was possible.
CVE-2022-24331	1 Jetbrains	1 Teamcity	2024-08-03	9.8 Critical
In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible.
CVE-2022-24338	1 Jetbrains	1 Teamcity	2024-08-03	6.1 Medium
JetBrains TeamCity before 2021.2.1 was vulnerable to reflected XSS.
CVE-2022-24341	1 Jetbrains	1 Teamcity	2024-08-03	7.5 High
In JetBrains TeamCity before 2021.2.1, editing a user account to change its password didn't terminate sessions of the edited user.
CVE-2022-24333	1 Jetbrains	1 Teamcity	2024-08-03	6.5 Medium
In JetBrains TeamCity before 2021.2, blind SSRF via an XML-RPC call was possible.
CVE-2022-24342	1 Jetbrains	1 Teamcity	2024-08-03	8.8 High
In JetBrains TeamCity before 2021.2.1, URL injection leading to CSRF was possible.
CVE-2023-50870	1 Jetbrains	1 Teamcity	2024-08-02	4.3 Medium
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
CVE-2023-42793	1 Jetbrains	1 Teamcity	2024-08-02	9.8 Critical
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
CVE-2023-34226	1 Jetbrains	1 Teamcity	2024-08-02	4.6 Medium
In JetBrains TeamCity before 2023.05 reflected XSS in the Subscriptions page was possible
CVE-2023-34219	1 Jetbrains	1 Teamcity	2024-08-02	4.3 Medium
In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration settings via REST API
CVE-2023-34222	1 Jetbrains	1 Teamcity	2024-08-02	4.6 Medium
In JetBrains TeamCity before 2023.05 possible XSS in the Plugin Vendor URL was possible
CVE-2023-34224	1 Jetbrains	1 Teamcity	2024-08-02	4.8 Medium
In JetBrains TeamCity before 2023.05 open redirect during oAuth configuration was possible
CVE-2023-34227	1 Jetbrains	1 Teamcity	2024-08-02	5.3 Medium
In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks
CVE-2023-34229	1 Jetbrains	1 Teamcity	2024-08-02	4.6 Medium
In JetBrains TeamCity before 2023.05 stored XSS in GitLab Connection page was possible
CVE-2023-34221	1 Jetbrains	1 Teamcity	2024-08-02	4.6 Medium
In JetBrains TeamCity before 2023.05 stored XSS in the Show Connection page was possible
CVE-2023-34225	1 Jetbrains	1 Teamcity	2024-08-02	4.6 Medium
In JetBrains TeamCity before 2023.05 stored XSS in the NuGet feed page was possible
CVE-2023-34228	1 Jetbrains	1 Teamcity	2024-08-02	5.3 Medium
In JetBrains TeamCity before 2023.05 authentication checks were missing – 2FA was not checked for some sensitive account actions
CVE-2023-34223	1 Jetbrains	1 Teamcity	2024-08-02	4.3 Medium
In JetBrains TeamCity before 2023.05 parameters of the "password" type from build dependencies could be logged in some cases
CVE-2023-34218	1 Jetbrains	1 Teamcity	2024-08-02	9.1 Critical
In JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin actions was possible
CVE-2023-34220	1 Jetbrains	1 Teamcity	2024-08-02	4.6 Medium
In JetBrains TeamCity before 2023.05 stored XSS in the Commit Status Publisher window was possible

« first previous Page 8 of 9. next last »