Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (523 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2021-25771 1 Jetbrains 1 Youtrack 2024-11-21 4.3 Medium
In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed.
CVE-2021-25770 1 Jetbrains 1 Youtrack 2024-11-21 9.8 Critical
In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.
CVE-2021-25769 1 Jetbrains 1 Youtrack 2024-11-21 7.5 High
In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.
CVE-2021-25768 1 Jetbrains 1 Youtrack 2024-11-21 5.3 Medium
In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly.
CVE-2021-25767 1 Jetbrains 1 Youtrack 2024-11-21 5.3 Medium
In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.
CVE-2021-25766 1 Jetbrains 1 Youtrack 2024-11-21 5.3 Medium
In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.
CVE-2021-25765 1 Jetbrains 1 Youtrack 2024-11-21 8.8 High
In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload was possible.
CVE-2021-25764 1 Jetbrains 1 Phpstorm 2024-11-21 5.3 Medium
In JetBrains PhpStorm before 2020.3, source code could be added to debug logs.
CVE-2021-25763 1 Jetbrains 1 Ktor 2024-11-21 5.3 Medium
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.
CVE-2021-25762 1 Jetbrains 1 Ktor 2024-11-21 5.3 Medium
In JetBrains Ktor before 1.4.3, HTTP Request Smuggling was possible.
CVE-2021-25761 1 Jetbrains 1 Ktor 2024-11-21 5.3 Medium
In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible.
CVE-2021-25760 1 Jetbrains 1 Hub 2024-11-21 5.3 Medium
In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible.
CVE-2021-25759 1 Jetbrains 1 Hub 2024-11-21 6.5 Medium
In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user.
CVE-2021-25758 1 Jetbrains 1 Intellij Idea 2024-11-21 7.8 High
In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to local code execution.
CVE-2021-25757 1 Jetbrains 1 Hub 2024-11-21 6.1 Medium
In JetBrains Hub before 2020.1.12629, an open redirect was possible.
CVE-2021-25756 1 Jetbrains 1 Intellij Idea 2024-11-21 5.3 Medium
In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.
CVE-2021-25755 1 Jetbrains 1 Code With Me 2024-11-21 2.5 Low
In JetBrains Code With Me before 2020.3, an attacker on the local network, knowing a session ID, could get access to the encrypted traffic.
CVE-2020-7914 1 Jetbrains 1 Intellij Idea 2024-11-21 7.5 High
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3.
CVE-2020-7913 1 Jetbrains 1 Youtrack 2024-11-21 6.1 Medium
JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description.
CVE-2020-7912 1 Jetbrains 1 Youtrack 2024-11-21 5.3 Medium
In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups.