Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Jetbrains Subscribe
Filtered by product Teamcity
Total 109 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-26310 1 Jetbrains 1 Teamcity 2021-05-19 5.0 MEDIUM 7.5 HIGH
In the TeamCity IntelliJ plugin before 2020.2.2.85899, DoS was possible.
CVE-2021-31910 1 Jetbrains 1 Teamcity 2021-05-17 5.0 MEDIUM 7.5 HIGH
In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible.
CVE-2021-31912 1 Jetbrains 1 Teamcity 2021-05-17 6.8 MEDIUM 8.8 HIGH
In JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password reset.
CVE-2021-31913 1 Jetbrains 1 Teamcity 2021-05-17 5.0 MEDIUM 7.5 HIGH
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange.
CVE-2021-31914 2 Jetbrains, Microsoft 2 Teamcity, Windows 2021-05-17 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.
CVE-2021-31915 1 Jetbrains 1 Teamcity 2021-05-17 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible.
CVE-2021-31904 1 Jetbrains 1 Teamcity 2021-05-14 4.3 MEDIUM 6.1 MEDIUM
In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page.
CVE-2021-31911 1 Jetbrains 1 Teamcity 2021-05-14 4.3 MEDIUM 6.1 MEDIUM
In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages.
CVE-2021-31906 1 Jetbrains 1 Teamcity 2021-05-14 4.0 MEDIUM 2.7 LOW
In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file.
CVE-2021-31907 1 Jetbrains 1 Teamcity 2021-05-14 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly.
CVE-2021-31909 1 Jetbrains 1 Teamcity 2021-05-14 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.
CVE-2021-3315 1 Jetbrains 1 Teamcity 2021-05-13 3.5 LOW 5.4 MEDIUM
In JetBrains TeamCity before 2020.2.2, stored XSS on a tests page was possible.
CVE-2021-31908 1 Jetbrains 1 Teamcity 2021-05-13 3.5 LOW 5.4 MEDIUM
In JetBrains TeamCity before 2020.2.3, stored XSS was possible on several pages.
CVE-2020-35667 1 Jetbrains 1 Teamcity 2021-02-05 5.0 MEDIUM 7.5 HIGH
JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials.
CVE-2021-25774 1 Jetbrains 1 Teamcity 2021-02-05 4.0 MEDIUM 4.3 MEDIUM
In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.
CVE-2021-25772 1 Jetbrains 1 Teamcity 2021-02-04 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration.
CVE-2021-25776 1 Jetbrains 1 Teamcity 2021-02-04 5.0 MEDIUM 7.5 HIGH
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.
CVE-2021-25777 1 Jetbrains 1 Teamcity 2021-02-04 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly.
CVE-2021-25773 1 Jetbrains 1 Teamcity 2021-02-04 4.3 MEDIUM 6.1 MEDIUM
JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages.
CVE-2019-12157 1 Jetbrains 2 Teamcity, Upsource 2021-01-26 10.0 HIGH 9.8 CRITICAL
In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands.