Filtered by vendor Jetbrains
Subscriptions
Total
521 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-64683 | 1 Jetbrains | 1 Hub | 2025-11-12 | 5.3 Medium |
| In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API | ||||
| CVE-2025-64690 | 1 Jetbrains | 1 Youtrack | 2025-11-12 | 5.4 Medium |
| In JetBrains YouTrack before 2025.3.104432 insecure Junie configuration could lead to data exposure and unauthorized changes | ||||
| CVE-2025-64681 | 1 Jetbrains | 1 Hub | 2025-11-12 | 2.7 Low |
| In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations | ||||
| CVE-2025-64686 | 1 Jetbrains | 1 Youtrack | 2025-11-12 | 3.1 Low |
| In JetBrains YouTrack before 2025.3.104432 missing user principal cleanup led to reuse of incorrect authorization context | ||||
| CVE-2025-64688 | 1 Jetbrains | 1 Youtrack | 2025-11-12 | 7.4 High |
| In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation allowed delegation to unauthorized repositories from the Junie widget | ||||
| CVE-2025-64689 | 1 Jetbrains | 1 Youtrack | 2025-11-12 | 9.6 Critical |
| In JetBrains YouTrack before 2025.3.104432 misconfiguration in the Junie could lead to exposure of the global Junie token | ||||
| CVE-2025-64682 | 1 Jetbrains | 1 Hub | 2025-11-12 | 2.7 Low |
| In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit | ||||
| CVE-2025-64456 | 1 Jetbrains | 1 Resharper | 2025-11-12 | 8.4 High |
| In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation | ||||
| CVE-2025-64687 | 1 Jetbrains | 1 Youtrack | 2025-11-12 | 5.4 Medium |
| In JetBrains YouTrack before 2025.3.104432 improper access control allowed modify MCP tool logic | ||||
| CVE-2025-64684 | 1 Jetbrains | 1 Youtrack | 2025-11-12 | 4.5 Medium |
| In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form | ||||
| CVE-2025-64685 | 1 Jetbrains | 1 Youtrack | 2025-11-12 | 8.1 High |
| In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure | ||||
| CVE-2025-64773 | 1 Jetbrains | 1 Youtrack | 2025-11-12 | 2.7 Low |
| In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit | ||||
| CVE-2025-64457 | 1 Jetbrains | 1 Dottrace | 2025-11-12 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority while details are being clarified. A corrected record will be published once verification is complete. | ||||
| CVE-2024-27198 | 1 Jetbrains | 1 Teamcity | 2025-10-24 | 9.8 Critical |
| In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | ||||
| CVE-2023-42793 | 1 Jetbrains | 1 Teamcity | 2025-10-24 | 9.8 Critical |
| In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | ||||
| CVE-2025-58334 | 1 Jetbrains | 1 Ide Services | 2025-10-14 | 8.1 High |
| In JetBrains IDE Services before 2025.5.0.1086, 2025.4.2.2164 users without appropriate permissions could assign high-privileged role for themselves | ||||
| CVE-2025-53959 | 1 Jetbrains | 1 Youtrack | 2025-10-14 | 7.6 High |
| In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible | ||||
| CVE-2025-29904 | 1 Jetbrains | 1 Ktor | 2025-10-02 | 5.3 Medium |
| In JetBrains Ktor before 3.1.1 an HTTP Request Smuggling was possible | ||||
| CVE-2025-43012 | 1 Jetbrains | 1 Toolbox | 2025-10-01 | 8.3 High |
| In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible | ||||
| CVE-2025-43016 | 1 Jetbrains | 1 Rider | 2025-10-01 | 5.4 Medium |
| In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session | ||||