Filtered by vendor Jetbrains
Subscriptions
Total
525 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-57728 | 1 Jetbrains | 1 Intellij Idea | 2025-08-21 | 6.5 Medium |
| In JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden files | ||||
| CVE-2025-57727 | 1 Jetbrains | 1 Intellij Idea | 2025-08-21 | 4.7 Medium |
| In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference | ||||
| CVE-2025-54528 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | 5.4 Medium |
| In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow | ||||
| CVE-2025-54529 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | 3.7 Low |
| In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration | ||||
| CVE-2025-54530 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | 7.5 High |
| In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions | ||||
| CVE-2025-54531 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | 7.7 High |
| In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows | ||||
| CVE-2025-54536 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | 5.4 Medium |
| In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint | ||||
| CVE-2025-54532 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 4.3 Medium |
| In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies | ||||
| CVE-2025-54533 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 4.3 Medium |
| In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration | ||||
| CVE-2025-54534 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 4.8 Medium |
| In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset page | ||||
| CVE-2025-54535 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 5.8 Medium |
| In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms | ||||
| CVE-2025-54538 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 5.5 Medium |
| In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command | ||||
| CVE-2025-54537 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 5.5 Medium |
| In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots | ||||
| CVE-2025-23385 | 1 Jetbrains | 3 Dottrace, Resharper, Rider | 2025-07-12 | 7.8 High |
| In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible | ||||
| CVE-2025-52875 | 1 Jetbrains | 1 Teamcity | 2025-06-27 | 5.4 Medium |
| In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible | ||||
| CVE-2025-52878 | 1 Jetbrains | 1 Teamcity | 2025-06-27 | 4.3 Medium |
| In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions | ||||
| CVE-2025-52877 | 1 Jetbrains | 1 Teamcity | 2025-06-27 | 4.8 Medium |
| In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible | ||||
| CVE-2025-52879 | 1 Jetbrains | 1 Teamcity | 2025-06-27 | 4.8 Medium |
| In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible | ||||
| CVE-2025-52876 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | 5.4 Medium |
| In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible | ||||
| CVE-2024-22370 | 1 Jetbrains | 1 Youtrack | 2025-06-17 | 4.6 Medium |
| In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible | ||||