Vulnerabilities > Jetbrains > High

DATE CVE VULNERABILITY TITLE RISK
2024-03-28 CVE-2024-31139 XXE vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.03 xXE was possible in the Maven build steps detector
network
low complexity
jetbrains CWE-611
8.1
8.1
2024-03-21 CVE-2024-29880 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11 users with access to the agent machine might obtain permissions of the user running the agent process
local
low complexity
jetbrains
7.8
7.8
2024-03-04 CVE-2024-27199 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
network
low complexity
jetbrains CWE-22
7.3
7.3
2023-12-15 CVE-2023-50870 Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
network
low complexity
jetbrains CWE-352
8.8
8.8
2023-07-26 CVE-2023-39261 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2023.2 plugin for Space was requesting excessive permissions
local
low complexity
jetbrains
7.8
7.8
2023-07-25 CVE-2023-39173 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access
network
low complexity
jetbrains
8.8
8.8
2023-07-25 CVE-2023-39174 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue trackers
network
low complexity
jetbrains
7.5
7.5
2023-07-12 CVE-2023-38068 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2023.1.16597 captcha was not properly validated for Helpdesk forms
network
low complexity
jetbrains
7.3
7.3
2023-06-12 CVE-2023-35053 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2023.1.10518 a DoS attack was possible via Helpdesk forms
network
low complexity
jetbrains
7.5
7.5
2023-05-31 CVE-2023-34227 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks
network
low complexity
jetbrains
7.5
7.5