Filtered by vendor Jetbrains
Subscribe
Total
293 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-43192 | 2 Apple, Jetbrains | 2 Iphone Os, Youtrack Mobile | 2021-11-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible. | |||||
| CVE-2021-43193 | 1 Jetbrains | 1 Teamcity | 2021-11-10 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible. | |||||
| CVE-2021-43194 | 1 Jetbrains | 1 Teamcity | 2021-11-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains TeamCity before 2021.1.2, user enumeration was possible. | |||||
| CVE-2021-43203 | 1 Jetbrains | 1 Ktor | 2021-11-10 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly. | |||||
| CVE-2021-43180 | 1 Jetbrains | 1 Hub | 2021-11-10 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains Hub before 2021.1.13690, information disclosure via avatar metadata is possible. | |||||
| CVE-2021-43181 | 1 Jetbrains | 1 Hub | 2021-11-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| In JetBrains Hub before 2021.1.13690, stored XSS is possible. | |||||
| CVE-2021-43182 | 1 Jetbrains | 1 Hub | 2021-11-10 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains Hub before 2021.1.13415, a DoS via user information is possible. | |||||
| CVE-2021-43191 | 3 Apple, Google, Jetbrains | 3 Iphone Os, Android, Youtrack Mobile | 2021-11-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| JetBrains YouTrack Mobile before 2021.2, is missing the security screen on Android and iOS. | |||||
| CVE-2021-43190 | 2 Google, Jetbrains | 2 Android, Youtrack Mobile | 2021-11-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible. | |||||
| CVE-2021-43186 | 1 Jetbrains | 1 Youtrack | 2021-11-09 | 3.5 LOW | 5.4 MEDIUM |
| JetBrains YouTrack before 2021.3.24402 is vulnerable to stored XSS. | |||||
| CVE-2021-43195 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing. | |||||
| CVE-2021-43197 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| In JetBrains TeamCity before 2021.1.2, email notifications could include unescaped HTML for XSS. | |||||
| CVE-2021-43198 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 3.5 LOW | 5.4 MEDIUM |
| In JetBrains TeamCity before 2021.1.2, stored XSS is possible. | |||||
| CVE-2021-43199 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient. | |||||
| CVE-2021-43200 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient. | |||||
| CVE-2021-43201 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project. | |||||
| CVE-2019-12156 | 1 Jetbrains | 1 Upsource | 2021-11-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293. | |||||
| CVE-2021-37553 | 1 Jetbrains | 1 Youtrack | 2021-08-13 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used. | |||||
| CVE-2021-37554 | 1 Jetbrains | 1 Youtrack | 2021-08-12 | 4.0 MEDIUM | 4.3 MEDIUM |
| In JetBrains YouTrack before 2021.3.21051, a user could see boards without having corresponding permissions. | |||||
| CVE-2021-37552 | 1 Jetbrains | 1 Youtrack | 2021-08-12 | 3.5 LOW | 5.4 MEDIUM |
| In JetBrains YouTrack before 2021.2.17925, stored XSS was possible. | |||||