Filtered by vendor Jetbrains
Subscriptions
Filtered by product Teamcity
Subscriptions
Total
150 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-18365 | 1 Jetbrains | 1 Teamcity | 2019-11-07 | 4.3 Medium |
In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several pages. | ||||
CVE-2019-18366 | 1 Jetbrains | 1 Teamcity | 2019-11-04 | 5.3 Medium |
In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View build runtime parameters and data" permission. | ||||
CVE-2019-18367 | 1 Jetbrains | 1 Teamcity | 2019-11-04 | 5.3 Medium |
In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user without the corresponding permissions. | ||||
CVE-2019-18364 | 1 Jetbrains | 1 Teamcity | 2019-11-01 | 9.8 Critical |
In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code execution. | ||||
CVE-2019-15042 | 1 Jetbrains | 1 Teamcity | 2019-10-07 | 7.5 High |
An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for some external https connections. This was fixed in TeamCity 2019.1. | ||||
CVE-2019-15036 | 1 Jetbrains | 1 Teamcity | 2019-10-03 | 7.2 High |
An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could execute any command on the server machine. The issue was fixed in TeamCity 2018.2.5 and 2019.1. | ||||
CVE-2019-15037 | 1 Jetbrains | 1 Teamcity | 2019-10-03 | 6.1 Medium |
An issue was discovered in JetBrains TeamCity 2018.2.4. It had several XSS vulnerabilities on the settings pages. The issues were fixed in TeamCity 2019.1. | ||||
CVE-2019-12841 | 1 Jetbrains | 1 Teamcity | 2019-07-09 | N/A |
Incorrect handling of user input in ZIP extraction was detected in JetBrains TeamCity. The issue was fixed in TeamCity 2018.2.2. | ||||
CVE-2019-12842 | 1 Jetbrains | 1 Teamcity | 2019-07-05 | N/A |
A reflected XSS on a user page was detected on one of the JetBrains TeamCity pages. The issue was fixed in TeamCity 2018.2.2. | ||||
CVE-2014-10036 | 1 Jetbrains | 1 Teamcity | 2017-09-08 | N/A |
Cross-site scripting (XSS) vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to inject arbitrary web script or HTML via the cameFromUrl parameter to feed/generateFeedUrl.html. |