Filtered by vendor Jetbrains
Subscriptions
Total
494 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-42793 | 1 Jetbrains | 1 Teamcity | 2025-07-30 | 9.8 Critical |
| In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | ||||
| CVE-2024-27198 | 1 Jetbrains | 1 Teamcity | 2025-07-30 | 9.8 Critical |
| In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | ||||
| CVE-2025-54532 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 4.3 Medium |
| In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies | ||||
| CVE-2025-54533 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 4.3 Medium |
| In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration | ||||
| CVE-2025-54534 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 4.8 Medium |
| In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset page | ||||
| CVE-2025-54535 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 5.8 Medium |
| In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms | ||||
| CVE-2025-54538 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 5.5 Medium |
| In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command | ||||
| CVE-2025-54537 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 5.5 Medium |
| In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots | ||||
| CVE-2025-54529 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 3.7 Low |
| In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration | ||||
| CVE-2025-54531 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 7.7 High |
| In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows | ||||
| CVE-2025-54530 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 7.5 High |
| In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions | ||||
| CVE-2025-54527 | 1 Jetbrains | 1 Youtrack | 2025-07-29 | 6.1 Medium |
| In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions | ||||
| CVE-2025-54536 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 5.4 Medium |
| In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint | ||||
| CVE-2025-54528 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | 5.4 Medium |
| In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow | ||||
| CVE-2025-53959 | 1 Jetbrains | 1 Youtrack | 2025-07-15 | 7.6 High |
| In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible | ||||
| CVE-2025-52877 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | 4.8 Medium |
| In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible | ||||
| CVE-2025-52876 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | 5.4 Medium |
| In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible | ||||
| CVE-2025-52875 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | 5.4 Medium |
| In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible | ||||
| CVE-2025-52878 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | 4.3 Medium |
| In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions | ||||
| CVE-2025-52879 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | 4.8 Medium |
| In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible | ||||