A stack-buffer-overflow vulnerability exists in the read_charset_decl function of html2xhtml 1.3. This vulnerability occurs due to improper bounds checking when copying data into a fixed-size stack buffer. An attacker can exploit this vulnerability by providing a specially crafted input to the vuln…

In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.

In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases

In JetBrains TeamCity before 2024.03.2 server was susceptible to DoS attacks with incorrect auth tokens

In JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissions

In JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissions

In JetBrains TeamCity before 2024.03.2 technical information regarding TeamCity server could be exposed

In JetBrains TeamCity before 2024.03.2 stored XSS via build step settings was possible

In JetBrains TeamCity before 2024.03.2 several stored XSS in untrusted builds settings were possible

In JetBrains TeamCity before 2023.05.6 reflected XSS on the subscriptions page was possible