Show filters
456 Total Results
Displaying 51-60 of 456
Sort by:
Attacker Value
Unknown

CVE-2024-47159

Disclosure Date: September 19, 2024 (last updated September 25, 2024)
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-46970

Disclosure Date: September 16, 2024 (last updated September 21, 2024)
In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-43810

Disclosure Date: August 16, 2024 (last updated August 20, 2024)
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-43809

Disclosure Date: August 16, 2024 (last updated August 20, 2024)
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-43808

Disclosure Date: August 16, 2024 (last updated August 20, 2024)
In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-43807

Disclosure Date: August 16, 2024 (last updated August 20, 2024)
In JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds page
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-43114

Disclosure Date: August 06, 2024 (last updated September 12, 2024)
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-41829

Disclosure Date: July 22, 2024 (last updated August 15, 2024)
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-41828

Disclosure Date: July 22, 2024 (last updated August 08, 2024)
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-41827

Disclosure Date: July 22, 2024 (last updated August 08, 2024)
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >