Filtered by vendor Jetbrains
Subscriptions
Total
506 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59455 | 1 Jetbrains | 1 Teamcity | 2025-09-18 | 4.2 Medium |
| In JetBrains TeamCity before 2025.07.2 project isolation bypass was possible due to race condition | ||||
| CVE-2025-59456 | 1 Jetbrains | 1 Teamcity | 2025-09-18 | 5.5 Medium |
| In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload | ||||
| CVE-2025-59457 | 2 Jetbrains, Microsoft | 2 Teamcity, Windows | 2025-09-18 | 7.7 High |
| In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows | ||||
| CVE-2025-59458 | 1 Jetbrains | 1 Junie | 2025-09-18 | 8.3 High |
| In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 code execution was possible due to improper command validation | ||||
| CVE-2024-24938 | 1 Jetbrains | 1 Teamcity | 2025-08-27 | 5.3 Medium |
| In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation | ||||
| CVE-2025-57734 | 1 Jetbrains | 1 Teamcity | 2025-08-21 | 4.3 Medium |
| In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files | ||||
| CVE-2025-57733 | 1 Jetbrains | 1 Teamcity | 2025-08-21 | 5.5 Medium |
| In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content | ||||
| CVE-2025-57732 | 1 Jetbrains | 1 Teamcity | 2025-08-21 | 7.5 High |
| In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership | ||||
| CVE-2025-57731 | 1 Jetbrains | 1 Youtrack | 2025-08-21 | 8.7 High |
| In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content | ||||
| CVE-2025-57730 | 1 Jetbrains | 1 Intellij Idea | 2025-08-21 | 5.2 Medium |
| In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature | ||||
| CVE-2025-57729 | 1 Jetbrains | 1 Intellij Idea | 2025-08-21 | 6.5 Medium |
| In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start | ||||
| CVE-2025-57728 | 1 Jetbrains | 1 Intellij Idea | 2025-08-21 | 6.5 Medium |
| In JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden files | ||||
| CVE-2025-57727 | 1 Jetbrains | 1 Intellij Idea | 2025-08-21 | 4.7 Medium |
| In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference | ||||
| CVE-2025-54528 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | 5.4 Medium |
| In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow | ||||
| CVE-2025-54529 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | 3.7 Low |
| In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration | ||||
| CVE-2025-54530 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | 7.5 High |
| In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions | ||||
| CVE-2025-54531 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | 7.7 High |
| In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows | ||||
| CVE-2025-54536 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | 5.4 Medium |
| In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint | ||||
| CVE-2023-42793 | 1 Jetbrains | 1 Teamcity | 2025-07-30 | 9.8 Critical |
| In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | ||||
| CVE-2024-27198 | 1 Jetbrains | 1 Teamcity | 2025-07-30 | 9.8 Critical |
| In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | ||||