Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4358
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.
NA
CVE-2024-36363
In JetBrains TeamCity prior to 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 several Stored XSS in code inspection reports were possible
NA
CVE-2024-36364
In JetBrains TeamCity prior to 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible
NA
CVE-2024-36367
In JetBrains TeamCity prior to 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 stored XSS via third-party reports was possible
NA
CVE-2024-36368
In JetBrains TeamCity prior to 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 reflected XSS via OAuth provider configuration was possible
NA
CVE-2024-36374
In JetBrains TeamCity prior to 2024.03.2 stored XSS via build step settings was possible
NA
CVE-2024-36376
In JetBrains TeamCity prior to 2024.03.2 users could perform actions that should not be available to them based on their permissions
NA
CVE-2024-36377
In JetBrains TeamCity prior to 2024.03.2 certain TeamCity API endpoints did not check user permissions
NA
CVE-2024-36470
In JetBrains TeamCity prior to 2022.04.6, 2022.10.5, 2023.05.5, 2023.11.5 authentication bypass was possible in specific edge cases
NA
CVE-2024-36378
In JetBrains TeamCity prior to 2024.03.2 server was susceptible to DoS attacks with incorrect auth tokens
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
malicious code
camera
CVE-2023-46694
CVE-2023-43847
CVE-2023-30311
CVE-2024-27842
CVE-2024-30165
arbitrary code
CVE-2024-21683
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »