Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Jetbrains Subscribe
Filtered by product Teamcity
Total 109 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-43197 1 Jetbrains 1 Teamcity 2021-11-09 4.3 MEDIUM 6.1 MEDIUM
In JetBrains TeamCity before 2021.1.2, email notifications could include unescaped HTML for XSS.
CVE-2021-43198 1 Jetbrains 1 Teamcity 2021-11-09 3.5 LOW 5.4 MEDIUM
In JetBrains TeamCity before 2021.1.2, stored XSS is possible.
CVE-2021-43199 1 Jetbrains 1 Teamcity 2021-11-09 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient.
CVE-2021-43200 1 Jetbrains 1 Teamcity 2021-11-09 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient.
CVE-2021-43201 1 Jetbrains 1 Teamcity 2021-11-09 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project.
CVE-2021-37544 1 Jetbrains 1 Teamcity 2021-08-12 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.
CVE-2021-37545 1 Jetbrains 1 Teamcity 2021-08-12 5.0 MEDIUM 7.5 HIGH
In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made.
CVE-2021-37542 1 Jetbrains 1 Teamcity 2021-08-12 4.3 MEDIUM 6.1 MEDIUM
In JetBrains TeamCity before 2020.2.3, XSS was possible.
CVE-2021-37547 1 Jetbrains 1 Teamcity 2021-08-12 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made.
CVE-2021-37548 1 Jetbrains 1 Teamcity 2021-08-12 5.0 MEDIUM 7.5 HIGH
In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS.
CVE-2019-18363 1 Jetbrains 1 Teamcity 2021-07-21 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2019.1.2, access could be gained to the history of builds of a deleted build configuration under some circumstances.
CVE-2020-15828 1 Jetbrains 1 Teamcity 2021-07-21 4.0 MEDIUM 6.5 MEDIUM
In JetBrains TeamCity before 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions.
CVE-2020-15829 1 Jetbrains 1 Teamcity 2021-07-21 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs.
CVE-2020-15825 1 Jetbrains 1 Teamcity 2021-07-21 6.5 MEDIUM 8.8 HIGH
In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.
CVE-2020-11938 1 Jetbrains 1 Teamcity 2021-07-21 4.0 MEDIUM 4.9 MEDIUM
In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2.
CVE-2020-7908 1 Jetbrains 1 Teamcity 2021-07-21 4.3 MEDIUM 4.3 MEDIUM
In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages.
CVE-2020-11686 1 Jetbrains 1 Teamcity 2021-07-21 4.0 MEDIUM 2.7 LOW
In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings.
CVE-2020-15826 1 Jetbrains 1 Teamcity 2021-07-21 4.0 MEDIUM 4.3 MEDIUM
In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.
CVE-2019-15035 1 Jetbrains 1 Teamcity 2021-07-21 4.0 MEDIUM 4.9 MEDIUM
An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could get access to potentially confidential server-level data. The issue was fixed in TeamCity 2018.2.5 and 2019.1.
CVE-2021-26309 1 Jetbrains 1 Teamcity 2021-05-19 2.1 LOW 3.3 LOW
Information disclosure in the TeamCity plugin for IntelliJ before 2020.2.2.85899 was possible because a local temporary file had Insecure Permissions.