Filtered by vendor Jetbrains
Subscribe
Total
537 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-29932 | 1 Jetbrains | 1 Goland | 2025-09-30 | N/A | 4.1 MEDIUM |
|
In JetBrains GoLand before 2025.1 an XXE during debugging was possible
|
|||||
| CVE-2025-32054 | 1 Jetbrains | 1 Intellij Idea | 2025-09-30 | N/A | 3.3 LOW |
|
In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file
|
|||||
| CVE-2025-47850 | 1 Jetbrains | 1 Youtrack | 2025-09-30 | N/A | 4.3 MEDIUM |
|
In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloning
|
|||||
| CVE-2025-48391 | 1 Jetbrains | 1 Youtrack | 2025-09-30 | N/A | 7.7 HIGH |
|
In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in API
|
|||||
| CVE-2025-57730 | 1 Jetbrains | 1 Intellij Idea | 2025-09-30 | N/A | 5.2 MEDIUM |
|
In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature
|
|||||
| CVE-2025-59455 | 1 Jetbrains | 1 Teamcity | 2025-09-22 | N/A | 4.2 MEDIUM |
|
In JetBrains TeamCity before 2025.07.2 project isolation bypass was possible due to race condition
|
|||||
| CVE-2025-59456 | 1 Jetbrains | 1 Teamcity | 2025-09-22 | N/A | 5.5 MEDIUM |
|
In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload
|
|||||
| CVE-2025-59457 | 1 Jetbrains | 1 Teamcity | 2025-09-22 | N/A | 7.7 HIGH |
|
In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows
|
|||||
| CVE-2025-57734 | 1 Jetbrains | 1 Teamcity | 2025-08-21 | N/A | 4.3 MEDIUM |
|
In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files
|
|||||
| CVE-2025-57733 | 1 Jetbrains | 1 Teamcity | 2025-08-21 | N/A | 5.5 MEDIUM |
|
In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content
|
|||||
| CVE-2025-57732 | 1 Jetbrains | 1 Teamcity | 2025-08-21 | N/A | 7.5 HIGH |
|
In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership
|
|||||
| CVE-2025-57731 | 1 Jetbrains | 1 Youtrack | 2025-08-21 | N/A | 8.7 HIGH |
|
In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content
|
|||||
| CVE-2025-57729 | 1 Jetbrains | 1 Intellij Idea | 2025-08-21 | N/A | 6.5 MEDIUM |
|
In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start
|
|||||
| CVE-2025-57728 | 1 Jetbrains | 1 Intellij Idea | 2025-08-21 | N/A | 6.5 MEDIUM |
|
In JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden files
|
|||||
| CVE-2025-57727 | 1 Jetbrains | 1 Intellij Idea | 2025-08-21 | N/A | 4.7 MEDIUM |
|
In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference
|
|||||
| CVE-2025-54528 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | N/A | 5.4 MEDIUM |
|
In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow
|
|||||
| CVE-2025-54529 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | N/A | 3.7 LOW |
|
In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration
|
|||||
| CVE-2025-54530 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | N/A | 7.5 HIGH |
|
In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions
|
|||||
| CVE-2025-54531 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | N/A | 7.7 HIGH |
|
In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows
|
|||||
| CVE-2025-54536 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | N/A | 5.4 MEDIUM |
|
In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint
|
|||||
| CVE-2025-54532 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | N/A | 4.3 MEDIUM |
|
In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies
|
|||||
| CVE-2025-54533 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | N/A | 4.3 MEDIUM |
|
In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration
|
|||||
| CVE-2025-54534 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | N/A | 4.8 MEDIUM |
|
In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset page
|
|||||
| CVE-2025-54535 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | N/A | 5.8 MEDIUM |
|
In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms
|
|||||
| CVE-2025-54538 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | N/A | 5.5 MEDIUM |
|
In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command
|
|||||
| CVE-2025-54537 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | N/A | 5.5 MEDIUM |
|
In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots
|
|||||
| CVE-2025-52877 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | N/A | 4.8 MEDIUM |
|
In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible
|
|||||
| CVE-2025-52876 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | N/A | 5.4 MEDIUM |
|
In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible
|
|||||
| CVE-2025-52875 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | N/A | 5.4 MEDIUM |
|
In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible
|
|||||
| CVE-2025-52878 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | N/A | 4.3 MEDIUM |
|
In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions
|
|||||
| CVE-2025-52879 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | N/A | 4.8 MEDIUM |
|
In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible
|
|||||
| CVE-2024-27199 | 1 Jetbrains | 1 Teamcity | 2025-05-30 | N/A | 7.3 HIGH |
|
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
|
|||||
| CVE-2025-47851 | 1 Jetbrains | 1 Teamcity | 2025-05-28 | N/A | 4.8 MEDIUM |
|
In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible
|
|||||
| CVE-2025-47852 | 1 Jetbrains | 1 Teamcity | 2025-05-28 | N/A | 4.8 MEDIUM |
|
In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible
|
|||||
| CVE-2025-47853 | 1 Jetbrains | 1 Teamcity | 2025-05-28 | N/A | 4.8 MEDIUM |
|
In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible
|
|||||
| CVE-2025-47854 | 1 Jetbrains | 1 Teamcity | 2025-05-28 | N/A | 4.3 MEDIUM |
|
In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page
|
|||||
| CVE-2025-26492 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 7.7 HIGH |
|
In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources
|
|||||
| CVE-2025-26493 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 4.6 MEDIUM |
|
In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab
|
|||||
| CVE-2025-31139 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 4.3 MEDIUM |
|
In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log
|
|||||
| CVE-2025-31140 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 4.6 MEDIUM |
|
In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page
|
|||||