Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains teamcity vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-25263
JetBrains TeamCity prior to 2021.2.3 was vulnerable to OS command injection in the Agent Push feature configuration.
Jetbrains Teamcity
5.3
CVSSv3
CVE-2022-38133
In JetBrains TeamCity prior to 2022.04.3 the private SSH key could be written to the server log in some cases
Jetbrains Teamcity
NA
CVE-2014-10036
Cross-site scripting (XSS) vulnerability in JetBrains TeamCity prior to 8.1 allows remote malicious users to inject arbitrary web script or HTML via the cameFromUrl parameter to feed/generateFeedUrl.html.
Jetbrains Teamcity
5.4
CVSSv3
CVE-2022-48427
In JetBrains TeamCity prior to 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possible
Jetbrains Teamcity
5.3
CVSSv3
CVE-2021-37546
In JetBrains TeamCity prior to 2021.1, an insecure key generation mechanism for encrypted properties was used.
Jetbrains Teamcity
7.5
CVSSv3
CVE-2020-35667
JetBrains TeamCity Plugin prior to 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials.
Jetbrains Teamcity
6.1
CVSSv3
CVE-2019-12842
A reflected XSS on a user page was detected on one of the JetBrains TeamCity pages. The issue was fixed in TeamCity 2018.2.2.
Jetbrains Teamcity
6.5
CVSSv3
CVE-2015-1313
JetBrains TeamCity 8 and 9 prior to 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request.
Jetbrains Teamcity
4.9
CVSSv3
CVE-2022-46831
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
Jetbrains Teamcity
4.9
CVSSv3
CVE-2022-29928
In JetBrains TeamCity prior to 2022.04 leak of secrets in TeamCity agent logs was possible
Jetbrains Teamcity
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »