Teamcity

teamcity

Vendor: Jetbrains • 269 CVEs

CVEs (269)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-43194 1Jetbrains 1Teamcity Nov 21, 2024 Nov 9, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2021.1.2, user enumeration was possible.
CVE-2021-43193 1Jetbrains 1Teamcity Nov 21, 2024 Nov 9, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible.
CVE-2021-37548 1Jetbrains 1Teamcity Nov 21, 2024 Aug 6, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS.
CVE-2021-37547 1Jetbrains 1Teamcity Nov 21, 2024 Aug 6, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made.
CVE-2021-37546 1Jetbrains 1Teamcity Nov 21, 2024 Aug 6, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used.
CVE-2021-37545 1Jetbrains 1Teamcity Nov 21, 2024 Aug 6, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made.
CVE-2021-37544 1Jetbrains 1Teamcity Nov 21, 2024 Aug 6, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.
CVE-2021-37542 1Jetbrains 1Teamcity Nov 21, 2024 Aug 6, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 In JetBrains TeamCity before 2020.2.3, XSS was possible.
CVE-2021-31915 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible.
CVE-2021-31914 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.
CVE-2021-31913 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange.
CVE-2021-31912 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password reset.
CVE-2021-31911 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages.
CVE-2021-31910 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible.
CVE-2021-3315 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 In JetBrains TeamCity before 2020.2.2, stored XSS on a tests page was possible.
CVE-2021-31909 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.
CVE-2021-31908 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 In JetBrains TeamCity before 2020.2.3, stored XSS was possible on several pages.
CVE-2021-31907 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly.
CVE-2021-31906 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 2.7 LOW· v3 4.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file.
CVE-2021-31904 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page.

Previous 1...101112 13 14 Next