Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): jetbrains
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-31140 |
In JetBrains TeamCity before 2024.03 server administrators could remove arbitrary files from the server by installing tools Published: March 28, 2024; 11:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31139 |
In JetBrains TeamCity before 2024.03 xXE was possible in the Maven build steps detector Published: March 28, 2024; 11:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31138 |
In JetBrains TeamCity before 2024.03 xSS was possible via Agent Distribution settings Published: March 28, 2024; 11:15:47 AM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2024-31137 |
In JetBrains TeamCity before 2024.03 reflected XSS was possible via Space connection configuration Published: March 28, 2024; 11:15:47 AM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2024-31136 |
In JetBrains TeamCity before 2024.03 2FA could be bypassed by providing a special URL parameter Published: March 28, 2024; 11:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31135 |
In JetBrains TeamCity before 2024.03 open redirect was possible on the login page Published: March 28, 2024; 11:15:47 AM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2024-31134 |
In JetBrains TeamCity before 2024.03 authenticated users without administrative permissions could register other users when self-registration was disabled Published: March 28, 2024; 11:15:46 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29880 |
In JetBrains TeamCity before 2023.11 users with access to the agent machine might obtain permissions of the user running the agent process Published: March 21, 2024; 10:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28230 |
In JetBrains YouTrack before 2024.1.25893 attaching/detaching workflow to a project was possible without project admin permissions Published: March 07, 2024; 7:15:47 AM -0500 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28229 |
In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles Published: March 07, 2024; 7:15:47 AM -0500 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28228 |
In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in HelpDesk was possible Published: March 07, 2024; 7:15:46 AM -0500 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28174 |
In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly Published: March 06, 2024; 12:15:11 PM -0500 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28173 |
In JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosed Published: March 06, 2024; 12:15:11 PM -0500 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-27199 |
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible Published: March 04, 2024; 1:15:09 PM -0500 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-27198 |
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible Published: March 04, 2024; 1:15:09 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2024-24943 |
In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image Published: February 06, 2024; 5:15:11 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2024-24942 |
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives Published: February 06, 2024; 5:15:11 AM -0500 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2024-24941 |
In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL Published: February 06, 2024; 5:15:11 AM -0500 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2024-24940 |
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives Published: February 06, 2024; 5:15:10 AM -0500 |
V3.1: 4.3 MEDIUM V2.0:(not available) |
CVE-2024-24939 |
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible Published: February 06, 2024; 5:15:10 AM -0500 |
V3.1: 5.3 MEDIUM V2.0:(not available) |