Filtered by vendor Jetbrains
Subscribe
Total
485 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-54528 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | N/A | 5.4 MEDIUM |
| In JetBrains TeamCity before 2025.07 a CSRF was possible in GitHub App connection flow | |||||
| CVE-2025-54529 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | N/A | 3.7 LOW |
| In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration | |||||
| CVE-2025-54530 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | N/A | 7.5 HIGH |
| In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions | |||||
| CVE-2025-54531 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | N/A | 7.7 HIGH |
| In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows | |||||
| CVE-2025-54536 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | N/A | 5.4 MEDIUM |
| In JetBrains TeamCity before 2025.07 a CSRF was possible on GraphQL endpoint | |||||
| CVE-2025-54532 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | N/A | 4.3 MEDIUM |
| In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies | |||||
| CVE-2025-54533 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | N/A | 4.3 MEDIUM |
| In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration | |||||
| CVE-2025-54534 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | N/A | 4.8 MEDIUM |
| In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset page | |||||
| CVE-2025-54535 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | N/A | 5.8 MEDIUM |
| In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms | |||||
| CVE-2025-54538 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | N/A | 5.5 MEDIUM |
| In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command | |||||
| CVE-2025-54537 | 1 Jetbrains | 1 Teamcity | 2025-07-29 | N/A | 5.5 MEDIUM |
| In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots | |||||
| CVE-2025-52877 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | N/A | 4.8 MEDIUM |
| In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible | |||||
| CVE-2025-52876 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | N/A | 5.4 MEDIUM |
| In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible | |||||
| CVE-2025-52875 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | N/A | 5.4 MEDIUM |
| In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible | |||||
| CVE-2025-52878 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | N/A | 4.3 MEDIUM |
| In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions | |||||
| CVE-2025-52879 | 1 Jetbrains | 1 Teamcity | 2025-06-25 | N/A | 4.8 MEDIUM |
| In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible | |||||
| CVE-2024-27199 | 1 Jetbrains | 1 Teamcity | 2025-05-30 | N/A | 7.3 HIGH |
| In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible | |||||
| CVE-2025-47851 | 1 Jetbrains | 1 Teamcity | 2025-05-28 | N/A | 4.8 MEDIUM |
| In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible | |||||
| CVE-2025-47852 | 1 Jetbrains | 1 Teamcity | 2025-05-28 | N/A | 4.8 MEDIUM |
| In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible | |||||
| CVE-2025-47853 | 1 Jetbrains | 1 Teamcity | 2025-05-28 | N/A | 4.8 MEDIUM |
| In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible | |||||