Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (502 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-46826 1 Jetbrains 1 Intellij Idea 2025-04-23 6.2 Medium
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability.
CVE-2022-46829 1 Jetbrains 1 Jetbrains Gateway 2025-04-23 7.1 High
In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented.
CVE-2022-46830 1 Jetbrains 1 Teamcity 2025-04-23 4.1 Medium
In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.
CVE-2022-46828 2 Apple, Jetbrains 2 Macos, Intellij Idea 2025-04-22 5.2 Medium
In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.
CVE-2022-46827 1 Jetbrains 1 Intellij Idea 2025-04-22 3.9 Low
In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.
CVE-2022-46831 1 Jetbrains 1 Teamcity 2025-04-22 6.6 Medium
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
CVE-2024-28229 1 Jetbrains 1 Youtrack 2025-04-16 6.5 Medium
In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles
CVE-2022-47895 1 Jetbrains 1 Intellij Idea 2025-04-15 4.7 Medium
In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files.
CVE-2022-47896 1 Jetbrains 1 Intellij Idea 2025-04-15 5 Medium
In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks.
CVE-2014-10036 1 Jetbrains 1 Teamcity 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to inject arbitrary web script or HTML via the cameFromUrl parameter to feed/generateFeedUrl.html.
CVE-2014-10002 1 Jetbrains 1 Teamcity 2025-04-12 N/A
Unspecified vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to obtain sensitive information via unknown vectors.
CVE-2025-32054 1 Jetbrains 1 Intellij Idea 2025-04-07 3.3 Low
In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file
CVE-2025-29932 1 Jetbrains 1 Goland 2025-03-27 4.1 Medium
In JetBrains GoLand before 2025.1 an XXE during debugging was possible
CVE-2022-48342 1 Jetbrains 1 Teamcity 2025-03-12 5.2 Medium
In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.
CVE-2022-48344 1 Jetbrains 1 Teamcity 2025-03-11 5.4 Medium
In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the group creation process.
CVE-2022-48343 1 Jetbrains 1 Teamcity 2025-03-11 5.4 Medium
In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process.
CVE-2022-48426 1 Jetbrains 1 Teamcity 2025-02-19 4.6 Medium
In JetBrains TeamCity before 2022.10.3 stored XSS in Perforce connection settings was possible
CVE-2022-48429 1 Jetbrains 1 Hub 2025-02-19 4.6 Medium
In JetBrains Hub before 2022.3.15573, 2022.2.15572, 2022.1.15583 reflected XSS in dashboards was possible
CVE-2022-48428 1 Jetbrains 1 Teamcity 2025-02-19 4.6 Medium
In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible
CVE-2022-48427 1 Jetbrains 1 Teamcity 2025-02-19 4.6 Medium
In JetBrains TeamCity before 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possible