Filtered by vendor Jetbrains
Subscriptions
Filtered by product Teamcity
Subscriptions
Total
150 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-43194 | 1 Jetbrains | 1 Teamcity | 2021-11-10 | 5.3 Medium |
| In JetBrains TeamCity before 2021.1.2, user enumeration was possible. | ||||
| CVE-2021-43195 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 5.3 Medium |
| In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing. | ||||
| CVE-2021-43197 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 6.1 Medium |
| In JetBrains TeamCity before 2021.1.2, email notifications could include unescaped HTML for XSS. | ||||
| CVE-2021-43198 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 5.4 Medium |
| In JetBrains TeamCity before 2021.1.2, stored XSS is possible. | ||||
| CVE-2021-43199 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 5.3 Medium |
| In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient. | ||||
| CVE-2021-43200 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 9.8 Critical |
| In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient. | ||||
| CVE-2021-43201 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 5.3 Medium |
| In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project. | ||||
| CVE-2021-37545 | 1 Jetbrains | 1 Teamcity | 2021-08-12 | 7.5 High |
| In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made. | ||||
| CVE-2021-37544 | 1 Jetbrains | 1 Teamcity | 2021-08-12 | 9.8 Critical |
| In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization. | ||||
| CVE-2021-37542 | 1 Jetbrains | 1 Teamcity | 2021-08-12 | 6.1 Medium |
| In JetBrains TeamCity before 2020.2.3, XSS was possible. | ||||
| CVE-2021-37548 | 1 Jetbrains | 1 Teamcity | 2021-08-12 | 7.5 High |
| In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS. | ||||
| CVE-2021-37547 | 1 Jetbrains | 1 Teamcity | 2021-08-12 | 5.3 Medium |
| In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made. | ||||
| CVE-2020-15825 | 1 Jetbrains | 1 Teamcity | 2021-07-21 | 8.8 High |
| In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges. | ||||
| CVE-2019-15035 | 1 Jetbrains | 1 Teamcity | 2021-07-21 | 4.9 Medium |
| An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could get access to potentially confidential server-level data. The issue was fixed in TeamCity 2018.2.5 and 2019.1. | ||||
| CVE-2019-18363 | 1 Jetbrains | 1 Teamcity | 2021-07-21 | 5.3 Medium |
| In JetBrains TeamCity before 2019.1.2, access could be gained to the history of builds of a deleted build configuration under some circumstances. | ||||
| CVE-2020-7908 | 1 Jetbrains | 1 Teamcity | 2021-07-21 | 4.3 Medium |
| In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. | ||||
| CVE-2020-15829 | 1 Jetbrains | 1 Teamcity | 2021-07-21 | 5.3 Medium |
| In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs. | ||||
| CVE-2020-11686 | 1 Jetbrains | 1 Teamcity | 2021-07-21 | 2.7 Low |
| In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings. | ||||
| CVE-2020-11938 | 1 Jetbrains | 1 Teamcity | 2021-07-21 | 4.9 Medium |
| In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2. | ||||
| CVE-2020-15828 | 1 Jetbrains | 1 Teamcity | 2021-07-21 | 6.5 Medium |
| In JetBrains TeamCity before 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions. | ||||