Threat-Lens CVE Hub

CVE-2025-57734

MEDIUM CVSS 6.5

Find Similar

In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files

jetbrains

CVE-2025-31141

HIGH CVSS 7.5

Find Similar

In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page

jetbrains

CVE-2025-46432

MEDIUM CVSS 6.5

Find Similar

In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs

jetbrains

CVE-2025-54533

MEDIUM CVSS 4.3

Find Similar

In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration

jetbrains

CVE-2025-54532

MEDIUM CVSS 4.3

Find Similar

In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies

jetbrains

CVE-2024-56350

MEDIUM CVSS 4.3

Find Similar

In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects

jetbrains

CVE-2024-47161

MEDIUM CVSS 6.5

Find Similar

In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API

jetbrains

CVE-2025-26492

CRITICAL CVSS 9.1

Find Similar

In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources

jetbrains

CVE-2026-28196

LOW CVSS 2.3

Find Similar

In JetBrains TeamCity before 2025.11.3 disabling versioned settings left a credentials config on disk

jetbrains

CVE-2026-49379

MEDIUM CVSS 6.5

Find Similar

In JetBrains TeamCity before 2026.1 credentials could be exposed in thread names

jetbrains

CVE-2024-41824

MEDIUM CVSS 6.5

Find Similar

In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build log in some specific cases

jetbrains

CVE-2024-43114

HIGH CVSS 7.8

Find Similar

In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions

jetbrains

CVE-2024-43810

MEDIUM CVSS 5.4

Find Similar

In JetBrains TeamCity before 2024.07.1 reflected XSS was possible in the AWS Core plugin

jetbrains

CVE-2025-52878

MEDIUM CVSS 4.3

Find Similar

In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions

jetbrains

CVE-2026-49374

HIGH CVSS 7.6

Find Similar

In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters

jetbrains

CVE-2025-67740

MEDIUM CVSS 5.3

Find Similar

In JetBrains TeamCity before 2025.11 improper access control could expose GitHub App token's metadata

jetbrains

CVE-2025-54530

CRITICAL CVSS 9.8

Find Similar

In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions

jetbrains

CVE-2025-68267

MEDIUM CVSS 6.5

Find Similar

In JetBrains TeamCity before 2025.11.1 excessive privileges were possible due to storing GitHub personal access token instead of an installation token

jetbrains

CVE-2026-28195

MEDIUM CVSS 4.3

Find Similar

In JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurations

jetbrains

CVE-2025-54538

MEDIUM CVSS 5.5

Find Similar

In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command

jetbrains