In JetBrains TeamCity prior to 2019.1.4, insecure Java Deserialization could potentially allow remote code execution.
jetbrains teamcity