Filtered by vendor Jetbrains
Subscribe
Total
359 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-43203 | 1 Jetbrains | 1 Ktor | 2021-11-10 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly. | |||||
| CVE-2021-43180 | 1 Jetbrains | 1 Hub | 2021-11-10 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains Hub before 2021.1.13690, information disclosure via avatar metadata is possible. | |||||
| CVE-2021-43181 | 1 Jetbrains | 1 Hub | 2021-11-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| In JetBrains Hub before 2021.1.13690, stored XSS is possible. | |||||
| CVE-2021-43182 | 1 Jetbrains | 1 Hub | 2021-11-10 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains Hub before 2021.1.13415, a DoS via user information is possible. | |||||
| CVE-2021-43191 | 3 Apple, Google, Jetbrains | 3 Iphone Os, Android, Youtrack Mobile | 2021-11-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| JetBrains YouTrack Mobile before 2021.2, is missing the security screen on Android and iOS. | |||||
| CVE-2021-43190 | 2 Google, Jetbrains | 2 Android, Youtrack Mobile | 2021-11-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible. | |||||
| CVE-2021-43186 | 1 Jetbrains | 1 Youtrack | 2021-11-09 | 3.5 LOW | 5.4 MEDIUM |
| JetBrains YouTrack before 2021.3.24402 is vulnerable to stored XSS. | |||||
| CVE-2021-43195 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing. | |||||
| CVE-2021-43197 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| In JetBrains TeamCity before 2021.1.2, email notifications could include unescaped HTML for XSS. | |||||
| CVE-2021-43198 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 3.5 LOW | 5.4 MEDIUM |
| In JetBrains TeamCity before 2021.1.2, stored XSS is possible. | |||||
| CVE-2021-43199 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient. | |||||
| CVE-2021-43200 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient. | |||||
| CVE-2021-43201 | 1 Jetbrains | 1 Teamcity | 2021-11-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project. | |||||
| CVE-2019-12156 | 1 Jetbrains | 1 Upsource | 2021-11-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293. | |||||
| CVE-2021-37553 | 1 Jetbrains | 1 Youtrack | 2021-08-13 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used. | |||||
| CVE-2021-37552 | 1 Jetbrains | 1 Youtrack | 2021-08-12 | 3.5 LOW | 5.4 MEDIUM |
| In JetBrains YouTrack before 2021.2.17925, stored XSS was possible. | |||||
| CVE-2021-37545 | 1 Jetbrains | 1 Teamcity | 2021-08-12 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made. | |||||
| CVE-2021-37544 | 1 Jetbrains | 1 Teamcity | 2021-08-12 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization. | |||||
| CVE-2021-37543 | 1 Jetbrains | 1 Rubymine | 2021-08-12 | 6.5 MEDIUM | 8.8 HIGH |
| In JetBrains RubyMine before 2021.1.1, code execution without user confirmation was possible for untrusted projects. | |||||
| CVE-2021-37541 | 1 Jetbrains | 1 Hub | 2021-08-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| In JetBrains Hub before 2021.1.13402, HTML injection in the password reset email was possible. | |||||