Filtered by vendor Jetbrains
Subscriptions
Total
525 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-67741 | 1 Jetbrains | 1 Teamcity | 2025-12-11 | 4.8 Medium |
| In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute | ||||
| CVE-2025-67739 | 1 Jetbrains | 1 Teamcity | 2025-12-11 | 3.1 Low |
| In JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local paths disclosure | ||||
| CVE-2025-67740 | 1 Jetbrains | 1 Teamcity | 2025-12-11 | 2.7 Low |
| In JetBrains TeamCity before 2025.11 improper access control could expose GitHub App token's metadata | ||||
| CVE-2025-67742 | 1 Jetbrains | 1 Teamcity | 2025-12-11 | 3.8 Low |
| In JetBrains TeamCity before 2025.11 path traversal was possible via file upload | ||||
| CVE-2025-64773 | 1 Jetbrains | 1 Youtrack | 2025-12-11 | 2.7 Low |
| In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit | ||||
| CVE-2025-64690 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers. | ||||
| CVE-2025-64689 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers. | ||||
| CVE-2025-64688 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers. | ||||
| CVE-2025-64687 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was fixed before public disclosure and did not affect any released versions. | ||||
| CVE-2025-64686 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was fixed before public disclosure and did not affect any released versions. | ||||
| CVE-2025-54527 | 1 Jetbrains | 1 Youtrack | 2025-12-01 | 6.1 Medium |
| In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions | ||||
| CVE-2025-64683 | 1 Jetbrains | 1 Hub | 2025-11-21 | 5.3 Medium |
| In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API | ||||
| CVE-2025-64684 | 1 Jetbrains | 1 Youtrack | 2025-11-21 | 4.5 Medium |
| In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form | ||||
| CVE-2025-64685 | 1 Jetbrains | 1 Youtrack | 2025-11-21 | 8.1 High |
| In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure | ||||
| CVE-2025-64456 | 1 Jetbrains | 1 Resharper | 2025-11-20 | 8.4 High |
| In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation | ||||
| CVE-2025-64681 | 1 Jetbrains | 1 Hub | 2025-11-20 | 2.7 Low |
| In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations | ||||
| CVE-2025-64682 | 1 Jetbrains | 1 Hub | 2025-11-20 | 2.7 Low |
| In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit | ||||
| CVE-2025-64457 | 1 Jetbrains | 1 Dottrace | 2025-11-12 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority while details are being clarified. A corrected record will be published once verification is complete. | ||||
| CVE-2024-27198 | 1 Jetbrains | 1 Teamcity | 2025-10-24 | 9.8 Critical |
| In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | ||||
| CVE-2023-42793 | 1 Jetbrains | 1 Teamcity | 2025-10-24 | 9.8 Critical |
| In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | ||||