Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Jetbrains Subscribe
Filtered by product Teamcity

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 11 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-24331 1 Jetbrains 1 Teamcity 2023-08-08 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible.
CVE-2021-43202 1 Jetbrains 1 Teamcity 2021-12-01 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases.
CVE-2021-43193 1 Jetbrains 1 Teamcity 2021-11-10 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible.
CVE-2021-43200 1 Jetbrains 1 Teamcity 2021-11-09 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient.
CVE-2021-37544 1 Jetbrains 1 Teamcity 2021-08-12 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.
CVE-2021-31914 2 Jetbrains, Microsoft 2 Teamcity, Windows 2021-05-17 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.
CVE-2021-31915 1 Jetbrains 1 Teamcity 2021-05-17 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible.
CVE-2021-31909 1 Jetbrains 1 Teamcity 2021-05-14 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.
CVE-2019-12157 1 Jetbrains 2 Teamcity, Upsource 2021-01-26 10.0 HIGH 9.8 CRITICAL
In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands.
CVE-2019-15039 1 Jetbrains 1 Teamcity 2020-08-24 6.8 MEDIUM 9.8 CRITICAL
An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2019.1.
CVE-2019-18364 1 Jetbrains 1 Teamcity 2019-11-01 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code execution.