Search CVEs

Top 20 matches Showing top matches — use filters or a more specific query to narrow

CVE-2024-54153

MEDIUM CVSS 6.5

In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible via vulnerable query parameter

jetbrains

CVE-2025-53959

HIGH CVSS 7.6

Find Similar

In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible

jetbrains

CVE-2026-50242

CRITICAL CVSS 10.0

Find Similar

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was po

CVE-2025-64684

HIGH CVSS 7.5

Find Similar

In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form

jetbrains

CVE-2024-54158

MEDIUM CVSS 5.3

Find Similar

In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding

jetbrains

CVE-2025-54533

MEDIUM CVSS 4.3

Find Similar

In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration

jetbrains

CVE-2025-52878

MEDIUM CVSS 4.3

Find Similar

In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions

jetbrains

CVE-2025-64773

LOW CVSS 3.7

Find Similar

In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit

jetbrains

CVE-2026-25848

CRITICAL CVSS 9.8

Find Similar

In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible

jetbrains

CVE-2025-64685

HIGH CVSS 7.5

Find Similar

In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure

jetbrains

CVE-2025-64681

LOW CVSS 3.7

Find Similar

In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via invitations

jetbrains

CVE-2024-56348

MEDIUM CVSS 4.3

Find Similar

In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents

jetbrains

CVE-2025-64457

HIGH CVSS 7.0

Find Similar

In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition

jetbrains

CVE-2024-54156

MEDIUM CVSS 6.5

Find Similar

In JetBrains YouTrack before 2024.3.52635 multiple merge functions were vulnerable to prototype pollution attack

jetbrains

CVE-2024-47162

MEDIUM CVSS 5.3

Find Similar

In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page

jetbrains

CVE-2025-54532

MEDIUM CVSS 4.3

Find Similar

In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies

jetbrains

CVE-2024-43114

HIGH CVSS 7.8

Find Similar

In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions

jetbrains

CVE-2026-32229

MEDIUM CVSS 6.8

Find Similar

In JetBrains Hub before 2026.1 possible on sign-in account mismatch with non-SSO auth and 2FA disabled

jetbrains

CVE-2025-54530

CRITICAL CVSS 9.8

Find Similar

In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions

jetbrains

CVE-2025-23385

HIGH CVSS 7.8

Find Similar

In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Pr

jetbrains

← Previous Page 2+ Next →