Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (533 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-46618 1 Jetbrains 1 Teamcity 2025-05-16 3.5 Low
In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab
CVE-2024-24940 1 Jetbrains 1 Intellij Idea 2025-05-15 2.8 Low
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives
CVE-2022-44624 1 Jetbrains 1 Teamcity 2025-05-02 6.5 Medium
In JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special characters
CVE-2022-44646 1 Jetbrains 1 Teamcity 2025-05-02 2.2 Low
In JetBrains TeamCity version before 2022.10, no audit items were added upon editing a user's settings
CVE-2022-44622 1 Jetbrains 1 Teamcity 2025-05-02 2.7 Low
In JetBrains TeamCity version between 2021.2 and 2022.10 access permissions for secure token health items were excessive
CVE-2022-44623 1 Jetbrains 1 Teamcity 2025-04-30 6.5 Medium
In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings
CVE-2022-45471 1 Jetbrains 1 Hub 2025-04-28 3.5 Low
In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular email address
CVE-2025-43015 1 Jetbrains 1 Rubymine 2025-04-25 8.3 High
In JetBrains RubyMine before 2025.1 remote Interpreter overwrote ports to listen on all interfaces
CVE-2025-43014 1 Jetbrains 1 Toolbox 2025-04-23 6.1 Medium
In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation
CVE-2025-43013 1 Jetbrains 1 Toolbox 2025-04-23 6.9 Medium
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible
CVE-2025-42921 1 Jetbrains 1 Toolbox 2025-04-23 4.2 Medium
In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin
CVE-2022-46824 2 Apple, Jetbrains 2 Macos, Intellij Idea 2025-04-23 5.6 Medium
In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible.
CVE-2022-46825 1 Jetbrains 1 Intellij Idea 2025-04-23 4 Medium
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open projects.
CVE-2022-46826 1 Jetbrains 1 Intellij Idea 2025-04-23 6.2 Medium
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability.
CVE-2022-46829 1 Jetbrains 1 Jetbrains Gateway 2025-04-23 7.1 High
In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented.
CVE-2022-46830 1 Jetbrains 1 Teamcity 2025-04-23 4.1 Medium
In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.
CVE-2022-46828 2 Apple, Jetbrains 2 Macos, Intellij Idea 2025-04-22 5.2 Medium
In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.
CVE-2022-46827 1 Jetbrains 1 Intellij Idea 2025-04-22 3.9 Low
In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.
CVE-2022-46831 1 Jetbrains 1 Teamcity 2025-04-22 6.6 Medium
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
CVE-2024-28229 1 Jetbrains 1 Youtrack 2025-04-16 6.5 Medium
In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles