Filtered by vendor Jetbrains Subscriptions
Total 502 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-54537 1 Jetbrains 1 Teamcity 2025-07-29 5.5 Medium
In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots
CVE-2025-54527 1 Jetbrains 1 Youtrack 2025-07-29 6.1 Medium
In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions
CVE-2025-53959 1 Jetbrains 1 Youtrack 2025-07-15 7.6 High
In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible
CVE-2025-29904 1 Jetbrains 1 Ktor 2025-07-12 5.3 Medium
In JetBrains Ktor before 3.1.1 an HTTP Request Smuggling was possible
CVE-2025-52877 1 Jetbrains 1 Teamcity 2025-06-27 4.8 Medium
In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible
CVE-2025-52876 1 Jetbrains 1 Teamcity 2025-06-25 5.4 Medium
In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible
CVE-2025-52875 1 Jetbrains 1 Teamcity 2025-06-25 5.4 Medium
In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible
CVE-2025-52878 1 Jetbrains 1 Teamcity 2025-06-25 4.3 Medium
In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions
CVE-2025-52879 1 Jetbrains 1 Teamcity 2025-06-25 4.8 Medium
In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible
CVE-2025-47850 1 Jetbrains 1 Youtrack 2025-06-24 4.3 Medium
In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloning
CVE-2025-43016 1 Jetbrains 1 Rider 2025-06-23 5.4 Medium
In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session
CVE-2024-22370 1 Jetbrains 1 Youtrack 2025-06-17 4.6 Medium
In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible
CVE-2024-27199 1 Jetbrains 1 Teamcity 2025-05-30 7.3 High
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
CVE-2025-47851 1 Jetbrains 1 Teamcity 2025-05-28 4.8 Medium
In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible
CVE-2025-47852 1 Jetbrains 1 Teamcity 2025-05-28 4.8 Medium
In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible
CVE-2025-47853 1 Jetbrains 1 Teamcity 2025-05-28 4.8 Medium
In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible
CVE-2025-47854 1 Jetbrains 1 Teamcity 2025-05-28 4.3 Medium
In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page
CVE-2025-48391 1 Jetbrains 1 Youtrack 2025-05-21 7.7 High
In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in API
CVE-2025-26492 1 Jetbrains 1 Teamcity 2025-05-16 7.7 High
In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources
CVE-2025-26493 1 Jetbrains 1 Teamcity 2025-05-16 4.6 Medium
In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab