Filtered by vendor Jetbrains Subscriptions
Total 424 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-48429 1 Jetbrains 1 Hub 2024-11-21 4.6 Medium
In JetBrains Hub before 2022.3.15573, 2022.2.15572, 2022.1.15583 reflected XSS in dashboards was possible
CVE-2022-48428 1 Jetbrains 1 Teamcity 2024-11-21 4.6 Medium
In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible
CVE-2022-48427 1 Jetbrains 1 Teamcity 2024-11-21 4.6 Medium
In JetBrains TeamCity before 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possible
CVE-2022-48426 1 Jetbrains 1 Teamcity 2024-11-21 4.6 Medium
In JetBrains TeamCity before 2022.10.3 stored XSS in Perforce connection settings was possible
CVE-2022-48344 1 Jetbrains 1 Teamcity 2024-11-21 5.4 Medium
In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the group creation process.
CVE-2022-48343 1 Jetbrains 1 Teamcity 2024-11-21 5.4 Medium
In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process.
CVE-2022-48342 1 Jetbrains 1 Teamcity 2024-11-21 5.2 Medium
In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.
CVE-2022-47896 1 Jetbrains 1 Intellij Idea 2024-11-21 5 Medium
In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks.
CVE-2022-47895 1 Jetbrains 1 Intellij Idea 2024-11-21 4.7 Medium
In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files.
CVE-2022-46831 1 Jetbrains 1 Teamcity 2024-11-21 6.6 Medium
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.
CVE-2022-46830 1 Jetbrains 1 Teamcity 2024-11-21 4.1 Medium
In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.
CVE-2022-46829 1 Jetbrains 1 Jetbrains Gateway 2024-11-21 7.1 High
In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented.
CVE-2022-46828 2 Apple, Jetbrains 2 Macos, Intellij Idea 2024-11-21 5.2 Medium
In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.
CVE-2022-46827 1 Jetbrains 1 Intellij Idea 2024-11-21 3.9 Low
In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.
CVE-2022-46826 1 Jetbrains 1 Intellij Idea 2024-11-21 6.2 Medium
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability.
CVE-2022-46825 1 Jetbrains 1 Intellij Idea 2024-11-21 4 Medium
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open projects.
CVE-2022-46824 2 Apple, Jetbrains 2 Macos, Intellij Idea 2024-11-21 5.6 Medium
In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible.
CVE-2022-45471 1 Jetbrains 1 Hub 2024-11-21 3.5 Low
In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular email address
CVE-2022-44646 1 Jetbrains 1 Teamcity 2024-11-21 2.2 Low
In JetBrains TeamCity version before 2022.10, no audit items were added upon editing a user's settings
CVE-2022-44624 1 Jetbrains 1 Teamcity 2024-11-21 6.5 Medium
In JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special characters