Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In December 2024
In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies
CVSS Score
5.5
EPSS Score
0.0
Published
2024-12-20
In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission
CVSS Score
5.5
EPSS Score
0.0
Published
2024-12-20
In JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSS
CVSS Score
4.6
EPSS Score
0.147
Published
2024-12-20
In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack
CVSS Score
5.9
EPSS Score
0.0
Published
2024-12-20
In JetBrains TeamCity before 2024.12 improper access control allowed unauthorized users to modify build logs
CVSS Score
5.3
EPSS Score
0.0
Published
2024-12-20
In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects
CVSS Score
4.3
EPSS Score
0.0
Published
2024-12-20
In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles
CVSS Score
6.3
EPSS Score
0.001
Published
2024-12-20
In JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details page
CVSS Score
4.6
EPSS Score
0.147
Published
2024-12-20
In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents
CVSS Score
4.3
EPSS Score
0.0
Published
2024-12-20
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing further attacks.
CVSS Score
8.0
EPSS Score
0.001
Published
2024-12-20


Contact Us

Shodan ® - All rights reserved