In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services
In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition
In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration
In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference
In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation
In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH
In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in API
In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backu
In JetBrains YouTrack before 2025.2.86935,
2025.2.87167,
2025.3.87341,
2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions
In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API
In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint
In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library execution due to insecure macOS flags was possible
In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible
In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloning
In Malwarebytes For Teams v.1.0.990 and before and fixed in v.1.0.1003 and later a privilege escalation can occur via the COM interface running in mbamservice.exe.
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4625.
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible
Missing Authorization vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetFormBuilder: from n/a thr