Filtered by vendor Jetbrains
Subscribe
Total
484 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-47854 | 1 Jetbrains | 1 Teamcity | 2025-05-28 | N/A | 6.1 MEDIUM |
| In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page | |||||
| CVE-2025-31139 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 6.5 MEDIUM |
| In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log | |||||
| CVE-2025-31141 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 7.5 HIGH |
| In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page | |||||
| CVE-2025-46433 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 9.8 CRITICAL |
| In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible | |||||
| CVE-2025-26492 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 9.1 CRITICAL |
| In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources | |||||
| CVE-2025-31140 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 6.1 MEDIUM |
| In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page | |||||
| CVE-2025-26493 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 6.1 MEDIUM |
| In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab | |||||
| CVE-2025-46432 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 6.5 MEDIUM |
| In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs | |||||
| CVE-2025-46618 | 1 Jetbrains | 1 Teamcity | 2025-05-16 | N/A | 6.1 MEDIUM |
| In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab | |||||
| CVE-2024-24940 | 1 Jetbrains | 1 Intellij Idea | 2025-05-15 | N/A | 4.3 MEDIUM |
| In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives | |||||
| CVE-2025-43015 | 1 Jetbrains | 1 Rubymine | 2025-04-25 | N/A | 6.5 MEDIUM |
| In JetBrains RubyMine before 2025.1 remote Interpreter overwrote ports to listen on all interfaces | |||||
| CVE-2025-43014 | 1 Jetbrains | 1 Toolbox | 2025-04-23 | N/A | 6.5 MEDIUM |
| In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation | |||||
| CVE-2025-43013 | 1 Jetbrains | 1 Toolbox | 2025-04-23 | N/A | 7.5 HIGH |
| In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible | |||||
| CVE-2025-42921 | 1 Jetbrains | 1 Toolbox | 2025-04-23 | N/A | 6.5 MEDIUM |
| In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin | |||||
| CVE-2023-42793 | 1 Jetbrains | 1 Teamcity | 2025-03-07 | N/A | 9.8 CRITICAL |
| In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | |||||
| CVE-2024-36371 | 1 Jetbrains | 1 Teamcity | 2025-02-07 | N/A | 5.4 MEDIUM |
| In JetBrains TeamCity before 2023.05.6, 2023.11.5 stored XSS in Commit status publisher was possible | |||||
| CVE-2024-36470 | 1 Jetbrains | 1 Teamcity | 2025-02-07 | N/A | 9.8 CRITICAL |
| In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases | |||||
| CVE-2024-54155 | 1 Jetbrains | 1 Youtrack | 2025-01-31 | N/A | 5.3 MEDIUM |
| In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project names during app import without authentication | |||||
| CVE-2024-54154 | 1 Jetbrains | 1 Youtrack | 2025-01-31 | N/A | 9.8 CRITICAL |
| In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandbox | |||||
| CVE-2024-54153 | 1 Jetbrains | 1 Youtrack | 2025-01-31 | N/A | 6.5 MEDIUM |
| In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible via vulnerable query parameter | |||||