Filtered by vendor Jetbrains
Subscriptions
Total
534 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-29903 | 1 Jetbrains | 1 Runtime | 2026-01-13 | 5.2 Medium |
| In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library execution due to insecure macOS flags was possible | ||||
| CVE-2025-64457 | 1 Jetbrains | 3 Dottrace, Resharper, Rider | 2026-01-12 | 4.2 Medium |
| In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition | ||||
| CVE-2025-23385 | 1 Jetbrains | 4 Dottrace, Etw Host Service, Resharper and 1 more | 2026-01-12 | 7.8 High |
| In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible | ||||
| CVE-2025-67739 | 1 Jetbrains | 1 Teamcity | 2025-12-23 | 3.1 Low |
| In JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local paths disclosure | ||||
| CVE-2025-68269 | 1 Jetbrains | 1 Intellij Idea | 2025-12-23 | 5.4 Medium |
| In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH | ||||
| CVE-2025-68162 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 2.7 Low |
| In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration | ||||
| CVE-2025-68163 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 3.5 Low |
| In JetBrains TeamCity before 2025.11 stored XSS was possible on agentpushInstall page | ||||
| CVE-2025-68164 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 2.7 Low |
| In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perforce connection test | ||||
| CVE-2025-68165 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 5.4 Medium |
| In JetBrains TeamCity before 2025.11 reflected XSS was possible on VCS Root setup | ||||
| CVE-2025-68166 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 5.4 Medium |
| In JetBrains TeamCity before 2025.11 a DOM-based XSS was possible on the OAuth connections tab | ||||
| CVE-2025-68267 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 6.5 Medium |
| In JetBrains TeamCity before 2025.11.1 excessive privileges were possible due to storing GitHub personal access token instead of an installation token | ||||
| CVE-2025-68268 | 1 Jetbrains | 1 Teamcity | 2025-12-18 | 5.4 Medium |
| In JetBrains TeamCity before 2025.11.1 reflected XSS was possible on the storage settings page | ||||
| CVE-2025-67740 | 1 Jetbrains | 1 Teamcity | 2025-12-15 | 2.7 Low |
| In JetBrains TeamCity before 2025.11 improper access control could expose GitHub App token's metadata | ||||
| CVE-2025-67741 | 1 Jetbrains | 1 Teamcity | 2025-12-15 | 4.8 Medium |
| In JetBrains TeamCity before 2025.11 stored XSS was possible via session attribute | ||||
| CVE-2025-67742 | 1 Jetbrains | 1 Teamcity | 2025-12-15 | 3.8 Low |
| In JetBrains TeamCity before 2025.11 path traversal was possible via file upload | ||||
| CVE-2025-64773 | 1 Jetbrains | 1 Youtrack | 2025-12-11 | 2.7 Low |
| In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit | ||||
| CVE-2025-64690 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers. | ||||
| CVE-2025-64689 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers. | ||||
| CVE-2025-64688 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers. | ||||
| CVE-2025-64687 | 1 Jetbrains | 1 Youtrack | 2025-12-02 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was fixed before public disclosure and did not affect any released versions. | ||||