Security Vulnerabilities - CVEs Published In 2021
In JetBrains TeamCity before 2021.1.2, email notifications could include unescaped HTML for XSS.
CVSS Score
6.1
EPSS Score
0.0
Published
2021-11-09
In JetBrains TeamCity before 2021.1.2, stored XSS is possible.
CVSS Score
5.4
EPSS Score
0.0
Published
2021-11-09
In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-11-09
In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient.
CVSS Score
9.8
EPSS Score
0.0
Published
2021-11-09
A Buffer Overflow and Information Disclosure issue exists in HP OfficeJet Pro Printers before 001.1937C, and HP PageWide Managed Printers and HP PageWide Pro Printers before 001.1937D exists; A maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device.
CVSS Score
9.1
EPSS Score
0.009
Published
2021-11-09
A potential security vulnerability has been identified for certain HP printers and MFPs with Troy solutions. For affected printers with FutureSmart Firmware bundle version 4.9 or 4.9.0.1 the potential vulnerability may cause instability in the solution.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-11-09
A potential security vulnerability has been identified for certain HP printers and MFPs that would allow redirection page Cross-Site Scripting in a client’s browser by clicking on a third-party malicious link.
CVSS Score
6.1
EPSS Score
0.005
Published
2021-11-09
In JetBrains Hub before 2021.1.13690, the authentication throttling mechanism could be bypassed.
CVSS Score
9.8
EPSS Score
0.0
Published
2021-11-09
In JetBrains YouTrack before 2021.3.21051, stored XSS is possible.
CVSS Score
5.4
EPSS Score
0.0
Published
2021-11-09
JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection.
CVSS Score
9.8
EPSS Score
0.0
Published
2021-11-09