Filtered by vendor Jetbrains
Subscriptions
Total
404 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-52555 | 1 Jetbrains | 1 Webstorm | 2024-11-18 | 6.3 Medium |
| In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer script | ||||
| CVE-2024-49580 | 1 Jetbrains | 1 Ktor | 2024-11-14 | 5.3 Medium |
| In JetBrains Ktor before 3.0.0 improper caching in HttpCache Plugin could lead to response information disclosure | ||||
| CVE-2024-49579 | 1 Jetbrains | 1 Youtrack | 2024-11-14 | 8.1 High |
| In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests | ||||
| CVE-2023-38068 | 1 Jetbrains | 1 Youtrack | 2024-11-07 | 6.5 Medium |
| In JetBrains YouTrack before 2023.1.16597 captcha was not properly validated for Helpdesk forms | ||||
| CVE-2024-50575 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 reflected XSS was possible in Widget API | ||||
| CVE-2024-50576 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via vendor URL in App manifest | ||||
| CVE-2024-50577 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings | ||||
| CVE-2024-50578 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via sprint value on agile boards page | ||||
| CVE-2024-50579 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 reflected XSS due to insecure link sanitization was possible | ||||
| CVE-2024-50580 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 multiple XSS were possible due to insecure markdown parsing and custom rendering rule | ||||
| CVE-2024-50581 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 improper HTML sanitization could lead to XSS attack via comment tag | ||||
| CVE-2024-50582 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 4.6 Medium |
| In JetBrains YouTrack before 2024.3.47707 stored XSS was possible due to improper HTML sanitization in markdown elements | ||||
| CVE-2024-50574 | 1 Jetbrains | 1 Youtrack | 2024-10-29 | 5.3 Medium |
| In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality | ||||
| CVE-2024-50573 | 1 Jetbrains | 1 Hub | 2024-10-29 | 4.3 Medium |
| In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services | ||||
| CVE-2022-24329 | 2 Jetbrains, Oracle | 3 Kotlin, Communications Cloud Native Core Binding Support Function, Communications Pricing Design Center | 2024-10-29 | 5.3 Medium |
| In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects. | ||||
| CVE-2023-39261 | 1 Jetbrains | 1 Intellij Idea | 2024-10-23 | 5.2 Medium |
| In JetBrains IntelliJ IDEA before 2023.2 plugin for Space was requesting excessive permissions | ||||
| CVE-2023-38061 | 1 Jetbrains | 1 Teamcity | 2024-10-23 | 4.6 Medium |
| In JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possible | ||||
| CVE-2023-38062 | 1 Jetbrains | 1 Teamcity | 2024-10-23 | 4.3 Medium |
| In JetBrains TeamCity before 2023.05.1 parameters of the "password" type could be shown in the UI in certain composite build configurations | ||||
| CVE-2023-38063 | 1 Jetbrains | 1 Teamcity | 2024-10-23 | 4.6 Medium |
| In JetBrains TeamCity before 2023.05.1 stored XSS while running custom builds was possible | ||||
| CVE-2023-38065 | 1 Jetbrains | 1 Teamcity | 2024-10-22 | 4.6 Medium |
| In JetBrains TeamCity before 2023.05.1 stored XSS while viewing the build log was possible | ||||