Filtered by vendor Jetbrains
Subscribe
Total
503 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-27198 | 1 Jetbrains | 1 Teamcity | 2025-10-24 | N/A | 9.8 CRITICAL |
| In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | |||||
| CVE-2023-42793 | 1 Jetbrains | 1 Teamcity | 2025-10-24 | N/A | 9.8 CRITICAL |
| In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | |||||
| CVE-2025-58334 | 1 Jetbrains | 1 Ide Services | 2025-10-14 | N/A | 8.1 HIGH |
| In JetBrains IDE Services before 2025.5.0.1086, 2025.4.2.2164 users without appropriate permissions could assign high-privileged role for themselves | |||||
| CVE-2025-53959 | 1 Jetbrains | 1 Youtrack | 2025-10-14 | N/A | 7.6 HIGH |
| In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible | |||||
| CVE-2025-29904 | 1 Jetbrains | 1 Ktor | 2025-10-02 | N/A | 5.3 MEDIUM |
| In JetBrains Ktor before 3.1.1 an HTTP Request Smuggling was possible | |||||
| CVE-2025-43012 | 1 Jetbrains | 1 Toolbox | 2025-10-01 | N/A | 8.3 HIGH |
| In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible | |||||
| CVE-2025-43016 | 1 Jetbrains | 1 Rider | 2025-10-01 | N/A | 5.4 MEDIUM |
| In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session | |||||
| CVE-2025-29932 | 1 Jetbrains | 1 Goland | 2025-09-30 | N/A | 4.1 MEDIUM |
| In JetBrains GoLand before 2025.1 an XXE during debugging was possible | |||||
| CVE-2025-32054 | 1 Jetbrains | 1 Intellij Idea | 2025-09-30 | N/A | 3.3 LOW |
| In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file | |||||
| CVE-2025-47850 | 1 Jetbrains | 1 Youtrack | 2025-09-30 | N/A | 4.3 MEDIUM |
| In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloning | |||||
| CVE-2025-48391 | 1 Jetbrains | 1 Youtrack | 2025-09-30 | N/A | 7.7 HIGH |
| In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in API | |||||
| CVE-2025-57730 | 1 Jetbrains | 1 Intellij Idea | 2025-09-30 | N/A | 5.2 MEDIUM |
| In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature | |||||
| CVE-2025-59455 | 1 Jetbrains | 1 Teamcity | 2025-09-22 | N/A | 4.2 MEDIUM |
| In JetBrains TeamCity before 2025.07.2 project isolation bypass was possible due to race condition | |||||
| CVE-2025-59456 | 1 Jetbrains | 1 Teamcity | 2025-09-22 | N/A | 5.5 MEDIUM |
| In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload | |||||
| CVE-2025-59457 | 1 Jetbrains | 1 Teamcity | 2025-09-22 | N/A | 7.7 HIGH |
| In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows | |||||
| CVE-2025-57734 | 1 Jetbrains | 1 Teamcity | 2025-08-21 | N/A | 4.3 MEDIUM |
| In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files | |||||
| CVE-2025-57733 | 1 Jetbrains | 1 Teamcity | 2025-08-21 | N/A | 5.5 MEDIUM |
| In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content | |||||
| CVE-2025-57732 | 1 Jetbrains | 1 Teamcity | 2025-08-21 | N/A | 7.5 HIGH |
| In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership | |||||
| CVE-2025-57731 | 1 Jetbrains | 1 Youtrack | 2025-08-21 | N/A | 8.7 HIGH |
| In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content | |||||
| CVE-2025-57729 | 1 Jetbrains | 1 Intellij Idea | 2025-08-21 | N/A | 6.5 MEDIUM |
| In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start | |||||