Show filters
211 Total Results
Displaying 21-30 of 211
Sort by:
Attacker Value
Unknown

CVE-2024-47950

Disclosure Date: October 08, 2024 (last updated October 12, 2024)
In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-47949

Disclosure Date: October 08, 2024 (last updated October 12, 2024)
In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-47948

Disclosure Date: October 08, 2024 (last updated October 12, 2024)
In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-47161

Disclosure Date: October 08, 2024 (last updated October 12, 2024)
In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-43810

Disclosure Date: August 16, 2024 (last updated August 20, 2024)
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-43809

Disclosure Date: August 16, 2024 (last updated August 20, 2024)
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-43808

Disclosure Date: August 16, 2024 (last updated August 20, 2024)
In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-43807

Disclosure Date: August 16, 2024 (last updated August 20, 2024)
In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-43114

Disclosure Date: August 06, 2024 (last updated September 12, 2024)
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-41829

Disclosure Date: July 22, 2024 (last updated August 15, 2024)
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >