Filtered by vendor Jetbrains
Subscribe
Total
396 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-11691 | 1 Jetbrains | 1 Hub | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In JetBrains Hub before 2020.1.12099, content spoofing in the Hub OAuth error message was possible. | |||||
CVE-2019-14958 | 1 Jetbrains | 1 Pycharm | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes. In a very specific situation, it could lead to a remote invocation of an OOM error message because of Uncontrolled Memory Allocation. | |||||
CVE-2020-7914 | 1 Jetbrains | 1 Intellij Idea | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3. | |||||
CVE-2019-18363 | 1 Jetbrains | 1 Teamcity | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
In JetBrains TeamCity before 2019.1.2, access could be gained to the history of builds of a deleted build configuration under some circumstances. | |||||
CVE-2019-18365 | 1 Jetbrains | 1 Teamcity | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several pages. | |||||
CVE-2020-7913 | 1 Jetbrains | 1 Youtrack | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description. | |||||
CVE-2020-7906 | 1 Jetbrains | 1 Rider | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer. This issue was fixed in release version 2019.3. | |||||
CVE-2019-15038 | 1 Jetbrains | 1 Teamcity | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity server was not using some security-related HTTP headers. The issue was fixed in TeamCity 2019.1. | |||||
CVE-2019-15039 | 1 Jetbrains | 1 Teamcity | 2024-02-28 | 6.8 MEDIUM | 9.8 CRITICAL |
An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2019.1. | |||||
CVE-2019-12156 | 1 Jetbrains | 1 Upsource | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293. | |||||
CVE-2020-7908 | 1 Jetbrains | 1 Teamcity | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. | |||||
CVE-2019-18361 | 1 Jetbrains | 1 Intellij Idea | 2024-02-28 | 4.6 MEDIUM | 5.3 MEDIUM |
JetBrains IntelliJ IDEA before 2019.2 allows local user privilege escalation, potentially leading to arbitrary code execution. | |||||
CVE-2019-19389 | 1 Jetbrains | 1 Ktor | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting. | |||||
CVE-2019-19703 | 1 Jetbrains | 1 Ktor | 2024-02-28 | 5.8 MEDIUM | 6.1 MEDIUM |
In Ktor through 1.2.6, the client resends data from the HTTP Authorization header to a redirect location. | |||||
CVE-2019-15041 | 1 Jetbrains | 1 Youtrack | 2024-02-28 | 5.8 MEDIUM | 6.1 MEDIUM |
JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere. | |||||
CVE-2019-15042 | 1 Jetbrains | 1 Teamcity | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for some external https connections. This was fixed in TeamCity 2019.1. | |||||
CVE-2019-14957 | 1 Jetbrains | 1 Vim | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vim_settings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository. | |||||
CVE-2019-18412 | 1 Jetbrains | 1 Idetalk | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
JetBrains IDETalk plugin before version 193.4099.10 allows XXE | |||||
CVE-2019-14961 | 1 Jetbrains | 1 Upsource | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
JetBrains Upsource before 2019.1.1412 was not properly escaping HTML tags in a code block comments, leading to XSS. | |||||
CVE-2019-18364 | 1 Jetbrains | 1 Teamcity | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code execution. |