Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): jetbrains
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2025-48391 |
In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in API Published: May 20, 2025; 2:15:47 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2025-47854 |
In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page Published: May 20, 2025; 2:15:47 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2025-47853 |
In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible Published: May 20, 2025; 2:15:47 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2025-47852 |
In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible Published: May 20, 2025; 2:15:47 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2025-47851 |
In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible Published: May 20, 2025; 2:15:47 PM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2025-47850 |
In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloning Published: May 20, 2025; 2:15:46 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2025-46618 |
In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab Published: April 25, 2025; 11:15:40 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2025-46433 |
In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible Published: April 25, 2025; 11:15:40 AM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2025-46432 |
In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs Published: April 25, 2025; 11:15:40 AM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2025-43016 |
In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session Published: April 25, 2025; 11:15:39 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2025-43015 |
In JetBrains RubyMine before 2025.1 remote Interpreter overwrote ports to listen on all interfaces Published: April 17, 2025; 12:16:00 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2025-43014 |
In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation Published: April 17, 2025; 12:16:00 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2025-43013 |
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible Published: April 17, 2025; 12:15:59 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2025-43012 |
In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible Published: April 17, 2025; 12:15:59 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2025-42921 |
In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin Published: April 17, 2025; 12:15:59 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2025-32054 |
In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file Published: April 03, 2025; 1:15:30 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2025-31141 |
In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page Published: March 27, 2025; 8:15:15 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2025-31140 |
In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page Published: March 27, 2025; 8:15:14 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2025-31139 |
In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log Published: March 27, 2025; 8:15:14 AM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2025-29932 |
In JetBrains GoLand before 2025.1 an XXE during debugging was possible Published: March 25, 2025; 9:15:41 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |