Jetbrains

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-57734 1Jetbrains 1Teamcity Aug 21, 2025 Aug 20, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files
CVE-2025-57733 1Jetbrains 1Teamcity Aug 21, 2025 Aug 20, 2025 N/A· v4 3.8 LOW· v3 N/A· v2 In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content
CVE-2025-57732 1Jetbrains 1Teamcity Aug 21, 2025 Aug 20, 2025 N/A· v4 6.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership
CVE-2025-57731 1Jetbrains 1Youtrack Aug 21, 2025 Aug 20, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content
CVE-2025-57730 1Jetbrains 1Intellij Idea Sep 30, 2025 Aug 20, 2025 N/A· v4 4.6 MEDIUM· v3 N/A· v2 In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature
CVE-2025-57729 1Jetbrains 1Intellij Idea Aug 21, 2025 Aug 20, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start
CVE-2025-57728 1Jetbrains 1Intellij Idea Aug 21, 2025 Aug 20, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden files
CVE-2025-57727 1Jetbrains 1Intellij Idea Aug 21, 2025 Aug 20, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference
CVE-2025-54538 1Jetbrains 1Teamcity Jul 29, 2025 Jul 28, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command
CVE-2025-54537 1Jetbrains 1Teamcity Jul 29, 2025 Jul 28, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots
CVE-2025-54536 1Jetbrains 1Teamcity Jul 31, 2025 Jul 28, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint
CVE-2025-54535 1Jetbrains 1Teamcity Jul 29, 2025 Jul 28, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms
CVE-2025-54534 1Jetbrains 1Teamcity Jul 29, 2025 Jul 28, 2025 N/A· v4 4.8 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset page
CVE-2025-54533 1Jetbrains 1Teamcity Jul 29, 2025 Jul 28, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration
CVE-2025-54532 1Jetbrains 1Teamcity Jul 29, 2025 Jul 28, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies
CVE-2025-54531 1Jetbrains 1Teamcity Jul 31, 2025 Jul 28, 2025 N/A· v4 9.4 CRITICAL· v3 N/A· v2 In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows
CVE-2025-54530 1Jetbrains 1Teamcity Jul 31, 2025 Jul 28, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions
CVE-2025-54529 1Jetbrains 1Teamcity Jul 31, 2025 Jul 28, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration
CVE-2025-54528 1Jetbrains 1Teamcity Jul 31, 2025 Jul 28, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow
CVE-2025-54527 1Jetbrains 1Youtrack Dec 1, 2025 Jul 28, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions

Previous 1 2 345...29 Next