Jetbrains

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-53959 1Jetbrains 1Youtrack Oct 14, 2025 Jul 15, 2025 N/A· v4 7.6 HIGH· v3 N/A· v2 In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible
CVE-2025-52879 1Jetbrains 1Teamcity Jun 25, 2025 Jun 23, 2025 N/A· v4 4.8 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible
CVE-2025-52878 1Jetbrains 1Teamcity Jun 25, 2025 Jun 23, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions
CVE-2025-52877 1Jetbrains 1Teamcity Jun 25, 2025 Jun 23, 2025 N/A· v4 4.8 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible
CVE-2025-52876 1Jetbrains 1Teamcity Jun 25, 2025 Jun 23, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible
CVE-2025-52875 1Jetbrains 1Teamcity Jun 25, 2025 Jun 23, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible
CVE-2025-48391 1Jetbrains 1Youtrack Sep 30, 2025 May 20, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in API
CVE-2025-47854 1Jetbrains 1Teamcity May 28, 2025 May 20, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page
CVE-2025-47853 1Jetbrains 1Teamcity May 28, 2025 May 20, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible
CVE-2025-47852 1Jetbrains 1Teamcity May 28, 2025 May 20, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible
CVE-2025-47851 1Jetbrains 1Teamcity May 28, 2025 May 20, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible
CVE-2025-47850 1Jetbrains 1Youtrack Sep 30, 2025 May 20, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloning
CVE-2025-46618 1Jetbrains 1Teamcity May 16, 2025 Apr 25, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab
CVE-2025-46433 1Jetbrains 1Teamcity May 16, 2025 Apr 25, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible
CVE-2025-46432 1Jetbrains 1Teamcity May 16, 2025 Apr 25, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs
CVE-2025-43016 1Jetbrains 1Rider Oct 1, 2025 Apr 25, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session
CVE-2025-43015 1Jetbrains 1Rubymine Apr 25, 2025 Apr 17, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In JetBrains RubyMine before 2025.1 remote Interpreter overwrote ports to listen on all interfaces
CVE-2025-43014 1Jetbrains 1Toolbox Apr 23, 2025 Apr 17, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation
CVE-2025-43013 1Jetbrains 1Toolbox Apr 23, 2025 Apr 17, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible
CVE-2025-43012 1Jetbrains 1Toolbox Oct 1, 2025 Apr 17, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible

Previous 1...456...29 Next