Show filters
211 Total Results
Displaying 51-60 of 211
Sort by:
Attacker Value
Unknown

CVE-2024-36366

Disclosure Date: May 29, 2024 (last updated December 18, 2024)
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 an XSS could be executed via certain report grouping and filtering operations
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-36365

Disclosure Date: May 29, 2024 (last updated December 18, 2024)
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-36364

Disclosure Date: May 29, 2024 (last updated December 18, 2024)
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 improper access control in Pull Requests and Commit status publisher build features was possible
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-36363

Disclosure Date: May 29, 2024 (last updated December 18, 2024)
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 several Stored XSS in code inspection reports were possible
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-36362

Disclosure Date: May 29, 2024 (last updated December 18, 2024)
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-35302

Disclosure Date: May 16, 2024 (last updated December 18, 2024)
In JetBrains TeamCity before 2023.11 stored XSS during restore from backup was possible
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-35301

Disclosure Date: May 16, 2024 (last updated December 18, 2024)
In JetBrains TeamCity before 2024.03.1 commit status publisher didn't check project scope of the GitHub App token
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-35300

Disclosure Date: May 16, 2024 (last updated December 18, 2024)
In JetBrains TeamCity between 2024.03 and 2024.03.1 several stored XSS in the available updates page were possible
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-31140

Disclosure Date: March 28, 2024 (last updated December 18, 2024)
In JetBrains TeamCity before 2024.03 server administrators could remove arbitrary files from the server by installing tools
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-31139

Disclosure Date: March 28, 2024 (last updated December 18, 2024)
In JetBrains TeamCity before 2024.03 xXE was possible in the Maven build steps detector
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
View More Topics  < Previous  Next >