Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv3
CVE-2022-46831
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
Jetbrains Teamcity
7.5
CVSSv3
CVE-2020-25209
In JetBrains YouTrack prior to 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
Jetbrains Youtrack
7.5
CVSSv3
CVE-2019-12841
Incorrect handling of user input in ZIP extraction was detected in JetBrains TeamCity. The issue was fixed in TeamCity 2018.2.2.
Jetbrains Teamcity
5.3
CVSSv3
CVE-2019-12845
The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. The issue was fixed in JetBrains TeamCity 2018.2.3.
Jetbrains Teamcity
8.8
CVSSv3
CVE-2019-12851
A CSRF vulnerability was detected in one of the admin endpoints of JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49852.
Jetbrains Youtrack
9.8
CVSSv3
CVE-2019-12852
An SSRF attack was possible on a JetBrains YouTrack server. The issue (1 of 2) was fixed in JetBrains YouTrack 2018.4.49168.
Jetbrains Youtrack
5.3
CVSSv3
CVE-2024-24936
In JetBrains TeamCity prior to 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
Jetbrains Teamcity
5.4
CVSSv3
CVE-2024-24937
In JetBrains TeamCity prior to 2023.11.2 stored XSS via agent distribution was possible
Jetbrains Teamcity
5.3
CVSSv3
CVE-2024-24938
In JetBrains TeamCity prior to 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation
Jetbrains Teamcity
5.3
CVSSv3
CVE-2024-24939
In JetBrains Rider prior to 2023.3.3 logging of environment variables containing secret values was possible
Jetbrains Rider
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »