Lucene search
K

1119 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.7 views

CVE-2020-24618

In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access...

6.5CVSS7AI score0.01879EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.7 views

CVE-2019-16171

In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page...

6.1CVSS5.9AI score0.01082EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.5 views

CVE-2019-12866

An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. The issue was fixed in 2018.4.49168...

9.8CVSS6.9AI score0.01939EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.7 views

CVE-2019-12851

A CSRF vulnerability was detected in one of the admin endpoints of JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49852...

8.8CVSS7AI score0.00751EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.9 views

CVE-2019-12852

An SSRF attack was possible on a JetBrains YouTrack server. The issue 1 of 2 was fixed in JetBrains YouTrack 2018.4.49168...

9.8CVSS6.9AI score0.01836EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:26 a.m.7 views

CVE-2019-12850

A query injection was possible in JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49168...

9.8CVSS7.2AI score0.02079EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/14 12:0 a.m.6 views

JetBrains YouTrack < 2025.3.104432 Multiple Vulnerabilities

The version of JetBrains YouTrack installed on the remote host is prior to 2025.2.92387. It is, therefore, affected by multiple vulnerabilities as referenced in the advisory. - In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure. CVE-2025-64685 - ...

8.1CVSS5.5AI score0.00309EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/11/12 4:2 p.m.9 views

CVE-2025-64773

In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit...

3.7CVSS6.8AI score0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/11 6:30 p.m.7 views

EUVD-2025-84340

In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit...

2.7CVSS6.3AI score0.00211EPSS
Exploits0References2
NVD
NVD
added 2025/11/11 4:15 p.m.6 views

CVE-2025-64773

In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit...

3.7CVSS0.00211EPSS
Exploits0References1
OSV
OSV
added 2025/11/11 4:15 p.m.4 views

CVE-2025-64773

In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit...

3.7CVSS5.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/11 3:23 p.m.3 views

CVE-2025-64773

In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit...

2.7CVSS6.4AI score0.00211EPSS
Exploits0References1
CVE
CVE
added 2025/11/11 3:23 p.m.20 views

CVE-2025-64773

CVE-2025-64773 affects JetBrains YouTrack prior to version 2025.3.104432. Multiple connected sources (NVD/NASL/Nessus and others) describe a race condition that allows bypassing the helpdesk agent limit. Affected component is YouTrack (web/bug-tracking platform); root cause is described as a race...

3.7CVSS6.4AI score0.00211EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/11/11 3:23 p.m.9 views

CVE-2025-64773

In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit...

2.7CVSS0.00211EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/11 1:44 p.m.7 views

CVE-2025-64689

In JetBrains YouTrack before 2025.3.104432 misconfiguration in the Junie could lead to exposure of the global Junie token...

9.6CVSS6.8AI score0.00003EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/11 1:44 p.m.7 views

CVE-2025-64687

In JetBrains YouTrack before 2025.3.104432 improper access control allowed modify MCP tool logic...

5.4CVSS6.9AI score0.00002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/11 1:44 p.m.7 views

CVE-2025-64688

In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation allowed delegation to unauthorized repositories from the Junie widget...

7.4CVSS6.8AI score0.0001EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/11 1:44 p.m.5 views

CVE-2025-64686

In JetBrains YouTrack before 2025.3.104432 missing user principal cleanup led to reuse of incorrect authorization context...

5.3CVSS6.8AI score0.00005EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/11 1:44 p.m.5 views

CVE-2025-64690

In JetBrains YouTrack before 2025.3.104432 insecure Junie configuration could lead to data exposure and unauthorized changes...

6.5CVSS6.8AI score0.00004EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/11 1:44 p.m.6 views

CVE-2025-64685

In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure...

8.1CVSS6.9AI score0.00217EPSS
Exploits0References1
Rows per page
Query Builder