Filters
Software
jetbrains teamcity
24
jetbrains intellij idea
8
jetbrains youtrack
8
jetbrains hub
5
jetbrains ktor
3
jetbrains webstorm
3
jetbrains clion
2
jetbrains goland
2
jetbrains phpstorm
2
jetbrains pycharm
2
jetbrains rubymine
2
jetbrains aqua
1
jetbrains datagrip
1
jetbrains dataspell
1
jetbrains mps
1
jetbrains rider
1
jetbrains rustrover
1
jetbrains space
1
jetbrains toolbox
1
jetbrains upsource
1
jetbrains youtrack integration
1
Jetbrains TeamcityIn JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expirati…
9.8
First published (updated )
CVE-2024-37051GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and…
9.3
First published (updated )
Jetbrains TeamcityJetBrains TeamCity Authentication Bypass Vulnerability
First published (updated )
SolarWinds Access Rights ManagerSolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution
First published (updated )
SolarWinds Access Rights ManagerSolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability
9.6
EPSS
0.06%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SolarWinds Access Rights ManagerSolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability
9.6
EPSS
0.06%
First published (updated )
SolarWinds Access Rights ManagerSolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability
9.6
EPSS
0.06%
First published (updated )
Jetbrains TeamcityIn JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
9.8
EPSS
0.09%
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via…
9.8
First published (updated )
JetBrains KtorIn JetBrains Ktor before 2.3.5 server certificates were not verified
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jetbrains TeamcityJetBrains TeamCity Authentication Bypass Vulnerability
First published (updated )
Jetbrains TeamcityIn JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin actions w…
9.8
First published (updated )
Jetbrains TeamcityIn JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains HubIn JetBrains Hub before 2022.1.14434, SAML request takeover was possible.
9.8
First published (updated )
Jetbrains TeamcityOS Command Injection, Command Injection
9.8
First published (updated )
JetBrains IntelliJ IDEAJetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 R…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jetbrains TeamcityIn JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible.
9.8
First published (updated )
Jetbrains TeamcityIn JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases.
9.8
First published (updated )
JetBrains HubIn JetBrains Hub before 2021.1.13690, the authentication throttling mechanism could be bypassed.
9.8
First published (updated )
Jetbrains TeamcityIn JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is pos…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jetbrains TeamcityIn JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insuff…
9.8
First published (updated )
Jetbrains YoutrackJetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection.
9.8
First published (updated )
Jetbrains YoutrackIn JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient.
9.1
First published (updated )
Jetbrains TeamcityIn JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.
9.8
First published (updated )
JetBrains HubIn JetBrains Hub before 2021.1.13389, account takeover was possible during password reset.
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains WebStormIn JetBrains WebStorm before 2021.1, code execution without user confirmation was possible for untru…
9.8
First published (updated )
Jetbrains TeamcityOS Command Injection, Command Injection
9.8
First published (updated )
Jetbrains TeamcityIn JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was po…
9.8
First published (updated )
Jetbrains TeamcityIn JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possi…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Jetbrains ToolboxJetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol …
10
First published (updated )
JetBrains SpaceIn JetBrains Space through 2020-04-22, the password authentication implementation was insecure.
9.8
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host …
9.8
First published (updated )
Jetbrains TeamcityIn JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote …
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains IntelliJ IDEAIn several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration (for T…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains IntelliJ IDEAIn several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads …
9.8
First published (updated )
JetBrains IntelliJ IDEAIn several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default settin…
9.8
First published (updated )
Jetbrains YoutrackAn Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was po…
9.8
First published (updated )
Jetbrains YoutrackCertain actions could cause privilege escalation for issue attachments in JetBrains YouTrack. The is…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.