Filtered by vendor Jetbrains
Subscribe
Total
530 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-58335 | 1 Jetbrains | 1 Junie | 2026-01-20 | N/A | 5.5 MEDIUM |
| In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 information disclosure was possible via search_project function | |||||
| CVE-2025-59458 | 1 Jetbrains | 1 Junie | 2026-01-20 | N/A | 8.3 HIGH |
| In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61, 252.284.50, 252.284.54, 251.284.54, 251.284.50, 243.284.54, 243.284.50 code execution was possible due to improper command validation | |||||
| CVE-2025-29903 | 1 Jetbrains | 1 Runtime | 2026-01-13 | N/A | 5.2 MEDIUM |
| In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library execution due to insecure macOS flags was possible | |||||
| CVE-2025-64457 | 1 Jetbrains | 3 Dottrace, Resharper, Rider | 2026-01-12 | N/A | 4.2 MEDIUM |
| In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition | |||||
| CVE-2025-23385 | 1 Jetbrains | 4 Dottrace, Etw Host Service, Resharper and 1 more | 2026-01-12 | N/A | 7.8 HIGH |
| In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible | |||||
| CVE-2025-67739 | 1 Jetbrains | 1 Teamcity | 2025-12-23 | N/A | 3.1 LOW |
| In JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local paths disclosure | |||||
| CVE-2025-68269 | 1 Jetbrains | 1 Intellij Idea | 2025-12-23 | N/A | 5.4 MEDIUM |
| In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH | |||||
| CVE-2025-68162 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | N/A | 2.7 LOW |
| In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration | |||||
| CVE-2025-68163 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | N/A | 3.5 LOW |
| In JetBrains TeamCity before 2025.11 stored XSS was possible on agentpushInstall page | |||||
| CVE-2025-68164 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | N/A | 2.7 LOW |
| In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test | |||||
| CVE-2025-68165 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | N/A | 5.4 MEDIUM |
| In JetBrains TeamCity before 2025.11 reflected XSS was possible on VCS Root setup | |||||
| CVE-2025-68166 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | N/A | 5.4 MEDIUM |
| In JetBrains TeamCity before 2025.11 a DOM-based XSS was possible on the OAuth connections tab | |||||
| CVE-2025-68267 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | N/A | 6.5 MEDIUM |
| In JetBrains TeamCity before 2025.11.1 excessive privileges were possible due to storing GitHub personal access token instead of an installation token | |||||
| CVE-2025-68268 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | N/A | 5.4 MEDIUM |
| In JetBrains TeamCity before 2025.11.1 reflected XSS was possible on the storage settings page | |||||
| CVE-2025-67740 | 1 Jetbrains | 1 Teamcity | 2025-12-15 | N/A | 2.7 LOW |
| In JetBrains TeamCity before 2025.11 improper access control could expose GitHub App token's metadata | |||||
| CVE-2025-67741 | 1 Jetbrains | 1 Teamcity | 2025-12-15 | N/A | 4.6 MEDIUM |
| In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute | |||||
| CVE-2025-67742 | 1 Jetbrains | 1 Teamcity | 2025-12-15 | N/A | 3.8 LOW |
| In JetBrains TeamCity before 2025.11 path traversal was possible via file upload | |||||
| CVE-2025-64773 | 1 Jetbrains | 1 Youtrack | 2025-12-11 | N/A | 2.7 LOW |
| In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit | |||||
| CVE-2025-54527 | 1 Jetbrains | 1 Youtrack | 2025-12-01 | N/A | 6.1 MEDIUM |
| In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions | |||||
| CVE-2025-64683 | 1 Jetbrains | 1 Hub | 2025-11-21 | N/A | 5.3 MEDIUM |
| In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API | |||||