Filtered by vendor Jetbrains
Subscribe
Total
358 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-37545 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made. | |||||
CVE-2021-31904 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page. | |||||
CVE-2021-30504 | 1 Jetbrains | 1 Intellij Idea | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In JetBrains IntelliJ IDEA before 2021.1, DoS was possible because of unbounded resource allocation. | |||||
CVE-2021-31909 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible. | |||||
CVE-2021-31911 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages. | |||||
CVE-2021-30006 | 1 Jetbrains | 1 Intellij Idea | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In IntelliJ IDEA before 2020.3.3, XXE was possible, leading to information disclosure. | |||||
CVE-2021-37543 | 1 Jetbrains | 1 Rubymine | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
In JetBrains RubyMine before 2021.1.1, code execution without user confirmation was possible for untrusted projects. | |||||
CVE-2021-37547 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made. | |||||
CVE-2021-30482 | 1 Jetbrains | 1 Upsource | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In JetBrains UpSource before 2020.1.1883, application passwords were not revoked correctly | |||||
CVE-2021-37553 | 1 Jetbrains | 1 Youtrack | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used. | |||||
CVE-2021-29263 | 1 Jetbrains | 1 Intellij Idea | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS. | |||||
CVE-2021-25757 | 1 Jetbrains | 1 Hub | 2023-12-10 | 5.8 MEDIUM | 6.1 MEDIUM |
In JetBrains Hub before 2020.1.12629, an open redirect was possible. | |||||
CVE-2020-29582 | 2 Jetbrains, Oracle | 4 Kotlin, Communications Cloud Native Core Network Slice Selection Function, Communications Cloud Native Core Policy and 1 more | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions. | |||||
CVE-2021-25775 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.5 MEDIUM | 3.8 LOW |
In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users. | |||||
CVE-2020-15822 | 1 Jetbrains | 1 Youtrack | 2023-12-10 | 7.5 HIGH | 7.3 HIGH |
In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped. | |||||
CVE-2020-27625 | 1 Jetbrains | 1 Youtrack | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues. | |||||
CVE-2021-25773 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages. | |||||
CVE-2020-25208 | 1 Jetbrains | 1 Youtrack | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions. | |||||
CVE-2020-27623 | 1 Jetbrains | 1 Ideavim | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances. | |||||
CVE-2021-25768 | 1 Jetbrains | 1 Youtrack | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly. |