Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Jetbrains Subscribe
Total 293 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-31911 1 Jetbrains 1 Teamcity 2021-05-14 4.3 MEDIUM 6.1 MEDIUM
In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages.
CVE-2021-31906 1 Jetbrains 1 Teamcity 2021-05-14 4.0 MEDIUM 2.7 LOW
In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file.
CVE-2021-31907 1 Jetbrains 1 Teamcity 2021-05-14 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly.
CVE-2021-31909 1 Jetbrains 1 Teamcity 2021-05-14 7.5 HIGH 9.8 CRITICAL
In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.
CVE-2021-3315 1 Jetbrains 1 Teamcity 2021-05-13 3.5 LOW 5.4 MEDIUM
In JetBrains TeamCity before 2020.2.2, stored XSS on a tests page was possible.
CVE-2021-31908 1 Jetbrains 1 Teamcity 2021-05-13 3.5 LOW 5.4 MEDIUM
In JetBrains TeamCity before 2020.2.3, stored XSS was possible on several pages.
CVE-2021-25764 1 Jetbrains 1 Phpstorm 2021-03-24 5.0 MEDIUM 5.3 MEDIUM
In JetBrains PhpStorm before 2020.3, source code could be added to debug logs.
CVE-2021-25766 1 Jetbrains 1 Youtrack 2021-02-08 5.0 MEDIUM 5.3 MEDIUM
In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.
CVE-2021-25761 1 Jetbrains 1 Ktor 2021-02-08 5.0 MEDIUM 5.3 MEDIUM
In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible.
CVE-2021-25762 1 Jetbrains 1 Ktor 2021-02-08 5.0 MEDIUM 5.3 MEDIUM
In JetBrains Ktor before 1.4.3, HTTP Request Smuggling was possible.
CVE-2020-35667 1 Jetbrains 1 Teamcity 2021-02-05 5.0 MEDIUM 7.5 HIGH
JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials.
CVE-2021-25763 1 Jetbrains 1 Ktor 2021-02-05 5.0 MEDIUM 5.3 MEDIUM
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.
CVE-2020-25208 1 Jetbrains 1 Youtrack 2021-02-05 5.0 MEDIUM 5.3 MEDIUM
In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions.
CVE-2021-25769 1 Jetbrains 1 Youtrack 2021-02-05 5.0 MEDIUM 7.5 HIGH
In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.
CVE-2021-25767 1 Jetbrains 1 Youtrack 2021-02-05 5.0 MEDIUM 5.3 MEDIUM
In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.
CVE-2021-25774 1 Jetbrains 1 Teamcity 2021-02-05 4.0 MEDIUM 4.3 MEDIUM
In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.
CVE-2021-25770 1 Jetbrains 1 Youtrack 2021-02-05 7.5 HIGH 9.8 CRITICAL
In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.
CVE-2021-25756 1 Jetbrains 1 Intellij Idea 2021-02-04 5.0 MEDIUM 5.3 MEDIUM
In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.
CVE-2021-25757 1 Jetbrains 1 Hub 2021-02-04 5.8 MEDIUM 6.1 MEDIUM
In JetBrains Hub before 2020.1.12629, an open redirect was possible.
CVE-2021-25760 1 Jetbrains 1 Hub 2021-02-04 5.0 MEDIUM 5.3 MEDIUM
In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible.