Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Jetbrains Subscribe
Filtered by product Teamcity
Total 254 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-67739 1 Jetbrains 1 Teamcity 2025-12-23 N/A 3.1 LOW
In JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local paths disclosure
CVE-2025-68162 1 Jetbrains 1 Teamcity 2025-12-18 N/A 2.7 LOW
In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration
CVE-2025-68163 1 Jetbrains 1 Teamcity 2025-12-18 N/A 3.5 LOW
In JetBrains TeamCity before 2025.11 stored XSS was possible on agentpushInstall page
CVE-2025-68164 1 Jetbrains 1 Teamcity 2025-12-18 N/A 2.7 LOW
In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test
CVE-2025-68165 1 Jetbrains 1 Teamcity 2025-12-18 N/A 5.4 MEDIUM
In JetBrains TeamCity before 2025.11 reflected XSS was possible on VCS Root setup
CVE-2025-68166 1 Jetbrains 1 Teamcity 2025-12-18 N/A 5.4 MEDIUM
In JetBrains TeamCity before 2025.11 a DOM-based XSS was possible on the OAuth connections tab
CVE-2025-68267 1 Jetbrains 1 Teamcity 2025-12-18 N/A 6.5 MEDIUM
In JetBrains TeamCity before 2025.11.1 excessive privileges were possible due to storing GitHub personal access token instead of an installation token
CVE-2025-68268 1 Jetbrains 1 Teamcity 2025-12-18 N/A 5.4 MEDIUM
In JetBrains TeamCity before 2025.11.1 reflected XSS was possible on the storage settings page
CVE-2025-67740 1 Jetbrains 1 Teamcity 2025-12-15 N/A 2.7 LOW
In JetBrains TeamCity before 2025.11 improper access control could expose GitHub App token's metadata
CVE-2025-67741 1 Jetbrains 1 Teamcity 2025-12-15 N/A 4.6 MEDIUM
In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute
CVE-2025-67742 1 Jetbrains 1 Teamcity 2025-12-15 N/A 3.8 LOW
In JetBrains TeamCity before 2025.11 path traversal was possible via file upload
CVE-2024-27198 1 Jetbrains 1 Teamcity 2025-10-24 N/A 9.8 CRITICAL
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
CVE-2023-42793 1 Jetbrains 1 Teamcity 2025-10-24 N/A 9.8 CRITICAL
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
CVE-2025-59455 1 Jetbrains 1 Teamcity 2025-09-22 N/A 4.2 MEDIUM
In JetBrains TeamCity before 2025.07.2 project isolation bypass was possible due to race condition
CVE-2025-59456 1 Jetbrains 1 Teamcity 2025-09-22 N/A 5.5 MEDIUM
In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload
CVE-2025-59457 1 Jetbrains 1 Teamcity 2025-09-22 N/A 7.7 HIGH
In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows
CVE-2025-57734 1 Jetbrains 1 Teamcity 2025-08-21 N/A 4.3 MEDIUM
In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files
CVE-2025-57733 1 Jetbrains 1 Teamcity 2025-08-21 N/A 5.5 MEDIUM
In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content
CVE-2025-57732 1 Jetbrains 1 Teamcity 2025-08-21 N/A 7.5 HIGH
In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership
CVE-2025-54528 1 Jetbrains 1 Teamcity 2025-07-31 N/A 5.4 MEDIUM
In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow