Shodan
Vulnerabilities
Vulnerable Software
Jetbrains:  Security Vulnerabilities
CVE-2024-38504
In JetBrains YouTrack before 2024.2.34646 the Guest User Account was enabled for attaching files to articles
CVSS Score
4.3
EPSS Score
0.0
Published
2024-06-18
CVE-2024-38505
In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site
CVSS Score
5.3
EPSS Score
0.0
Published
2024-06-18
CVE-2024-37051
GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4
CVSS Score
9.3
EPSS Score
0.05
Published
2024-06-10
CVE-2024-36375
In JetBrains TeamCity before 2024.03.2 technical information regarding TeamCity server could be exposed
CVSS Score
5.3
EPSS Score
0.0
Published
2024-05-29
CVE-2024-36376
In JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissions
CVSS Score
6.5
EPSS Score
0.0
Published
2024-05-29
CVE-2024-36377
In JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissions
CVSS Score
6.5
EPSS Score
0.0
Published
2024-05-29
CVE-2024-36378
In JetBrains TeamCity before 2024.03.2 server was susceptible to DoS attacks with incorrect auth tokens
CVSS Score
5.9
EPSS Score
0.0
Published
2024-05-29
CVE-2024-36470
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases
CVSS Score
8.1
EPSS Score
0.0
Published
2024-05-29
CVE-2024-36370
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible
CVSS Score
4.6
EPSS Score
0.26
Published
2024-05-29
CVE-2024-36371
In JetBrains TeamCity before 2023.05.6, 2023.11.5 stored XSS in Commit status publisher was possible
CVSS Score
4.6
EPSS Score
0.245
Published
2024-05-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved