Filtered by vendor Jetbrains
Subscriptions
Total
533 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-67739 | 1 Jetbrains | 1 Teamcity | 2025-12-23 | 3.1 Low |
| In JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local paths disclosure | ||||
| CVE-2025-68269 | 1 Jetbrains | 1 Intellij Idea | 2025-12-23 | 5.4 Medium |
| In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH | ||||
| CVE-2025-64457 | 1 Jetbrains | 1 Dottrace | 2025-12-19 | 4.2 Medium |
| In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition | ||||
| CVE-2025-68162 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 2.7 Low |
| In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration | ||||
| CVE-2025-68163 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 3.5 Low |
| In JetBrains TeamCity before 2025.11 stored XSS was possible on agentpushInstall page | ||||
| CVE-2025-68164 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 2.7 Low |
| In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test | ||||
| CVE-2025-68165 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 5.4 Medium |
| In JetBrains TeamCity before 2025.11 reflected XSS was possible on VCS Root setup | ||||
| CVE-2025-68166 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 5.4 Medium |
| In JetBrains TeamCity before 2025.11 a DOM-based XSS was possible on the OAuth connections tab | ||||
| CVE-2025-68267 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 6.5 Medium |
| In JetBrains TeamCity before 2025.11.1 excessive privileges were possible due to storing GitHub personal access token instead of an installation token | ||||
| CVE-2025-68268 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 5.4 Medium |
| In JetBrains TeamCity before 2025.11.1 reflected XSS was possible on the storage settings page | ||||
| CVE-2025-67740 | 1 Jetbrains | 1 Teamcity | 2025-12-15 | 2.7 Low |
| In JetBrains TeamCity before 2025.11 improper access control could expose GitHub App token's metadata | ||||
| CVE-2025-67741 | 1 Jetbrains | 1 Teamcity | 2025-12-15 | 4.8 Medium |
| In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute | ||||
| CVE-2025-67742 | 1 Jetbrains | 1 Teamcity | 2025-12-15 | 3.8 Low |
| In JetBrains TeamCity before 2025.11 path traversal was possible via file upload | ||||
| CVE-2025-64773 | 1 Jetbrains | 1 Youtrack | 2025-12-11 | 2.7 Low |
| In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit | ||||
| CVE-2025-64690 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers. | ||||
| CVE-2025-64689 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers. | ||||
| CVE-2025-64688 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers. | ||||
| CVE-2025-64687 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was fixed before public disclosure and did not affect any released versions. | ||||
| CVE-2025-64686 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was fixed before public disclosure and did not affect any released versions. | ||||
| CVE-2025-54527 | 1 Jetbrains | 1 Youtrack | 2025-12-01 | 6.1 Medium |
| In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions | ||||