Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (254 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-48426 1 Jetbrains 1 Teamcity 2025-02-19 4.6 Medium
In JetBrains TeamCity before 2022.10.3 stored XSS in Perforce connection settings was possible
CVE-2022-48428 1 Jetbrains 1 Teamcity 2025-02-19 4.6 Medium
In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible
CVE-2022-48427 1 Jetbrains 1 Teamcity 2025-02-19 4.6 Medium
In JetBrains TeamCity before 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possible
CVE-2024-36371 1 Jetbrains 1 Teamcity 2025-02-07 4.6 Medium
In JetBrains TeamCity before 2023.05.6, 2023.11.5 stored XSS in Commit status publisher was possible
CVE-2024-36470 1 Jetbrains 1 Teamcity 2025-02-07 8.1 High
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases
CVE-2025-24461 1 Jetbrains 1 Teamcity 2025-01-30 6.5 Medium
In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint
CVE-2025-24460 1 Jetbrains 1 Teamcity 2025-01-30 4.3 Medium
In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool
CVE-2025-24459 1 Jetbrains 1 Teamcity 2025-01-30 4.6 Medium
In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection page
CVE-2024-36378 1 Jetbrains 1 Teamcity 2025-01-27 5.9 Medium
In JetBrains TeamCity before 2024.03.2 server was susceptible to DoS attacks with incorrect auth tokens
CVE-2024-36377 1 Jetbrains 1 Teamcity 2025-01-27 6.5 Medium
In JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissions
CVE-2024-36376 1 Jetbrains 1 Teamcity 2025-01-27 6.5 Medium
In JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissions
CVE-2024-36375 1 Jetbrains 1 Teamcity 2025-01-27 5.3 Medium
In JetBrains TeamCity before 2024.03.2 technical information regarding TeamCity server could be exposed
CVE-2024-36374 1 Jetbrains 1 Teamcity 2025-01-27 4.6 Medium
In JetBrains TeamCity before 2024.03.2 stored XSS via build step settings was possible
CVE-2024-36373 1 Jetbrains 1 Teamcity 2025-01-27 4.6 Medium
In JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible
CVE-2024-36372 1 Jetbrains 1 Teamcity 2025-01-27 4.6 Medium
In JetBrains TeamCity before 2023.05.6 reflected XSS on the subscriptions page was possible
CVE-2023-34218 1 Jetbrains 1 Teamcity 2025-01-09 9.1 Critical
In JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin actions was possible
CVE-2023-34219 1 Jetbrains 1 Teamcity 2025-01-09 4.3 Medium
In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration settings via REST API
CVE-2023-34221 1 Jetbrains 1 Teamcity 2025-01-09 4.6 Medium
In JetBrains TeamCity before 2023.05 stored XSS in the Show Connection page was possible
CVE-2023-34222 1 Jetbrains 1 Teamcity 2025-01-09 4.6 Medium
In JetBrains TeamCity before 2023.05 possible XSS in the Plugin Vendor URL was possible
CVE-2023-34223 1 Jetbrains 1 Teamcity 2025-01-09 4.3 Medium
In JetBrains TeamCity before 2023.05 parameters of the "password" type from build dependencies could be logged in some cases