Search CVEs

Top 20 matches Showing top matches — use filters or a more specific query to narrow

CVE-2025-57729

HIGH CVSS 7.3

Find Similar

In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start

jetbrains

CVE-2025-47853

MEDIUM CVSS 5.4

Find Similar

In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible

jetbrains

CVE-2025-29903

HIGH CVSS 7.8

Find Similar

In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library execution due to insecure macOS flags was possible

jetbrains

CVE-2024-50577

MEDIUM CVSS 5.4

Find Similar

In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings

jetbrains

CVE-2024-54154

CRITICAL CVSS 9.8

Find Similar

In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandbox

jetbrains

CVE-2025-54538

MEDIUM CVSS 5.5

Find Similar

In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command

jetbrains

CVE-2026-49374

HIGH CVSS 7.6

Find Similar

In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters

jetbrains

CVE-2025-47850

MEDIUM CVSS 5.3

Find Similar

In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloning

jetbrains

CVE-2026-49371

HIGH CVSS 8.2

Find Similar

In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible

jetbrains

CVE-2024-49579

MEDIUM CVSS 6.1

Find Similar

In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests

jetbrains

CVE-2024-47161

MEDIUM CVSS 6.5

Find Similar

In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API

jetbrains

CVE-2025-67742

HIGH CVSS 7.5

Find Similar

In JetBrains TeamCity before 2025.11 path traversal was possible via file upload

jetbrains

CVE-2025-47852

MEDIUM CVSS 5.4

Find Similar

In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible

jetbrains

CVE-2024-50574

HIGH CVSS 7.5

Find Similar

In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality

jetbrains

CVE-2026-28195

MEDIUM CVSS 4.3

Find Similar

In JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurations

jetbrains

CVE-2024-50576

MEDIUM CVSS 5.4

Find Similar

In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via vendor URL in App manifest

jetbrains

CVE-2024-54155

MEDIUM CVSS 5.3

Find Similar

In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project names during app import without authentication

jetbrains

CVE-2024-50575

MEDIUM CVSS 6.1

Find Similar

In JetBrains YouTrack before 2024.3.47707 reflected XSS was possible in Widget API

jetbrains

CVE-2026-25063

HIGH CVSS 8.3

Find Similar

gradle-completion provides Bash and Zsh completion support for Gradle. A command injection vulnerability was found in gradle-completion up to and including 9.3.0 that allows arbitrary code execution w

gradle

CVE-2024-50581

MEDIUM CVSS 5.4

Find Similar

In JetBrains YouTrack before 2024.3.47707 improper HTML sanitization could lead to XSS attack via comment tag

jetbrains

← Previous Page 2+ Next →