Vulnerabilities > Jetbrains > Intellij Idea > 2018.1.6

DATE CVE VULNERABILITY TITLE RISK
2020-01-30 CVE-2020-7905 Unspecified vulnerability in Jetbrains Intellij Idea
Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network.
network
low complexity
jetbrains
7.5
2020-01-30 CVE-2020-7904 Improper Certificate Validation vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS.
network
high complexity
jetbrains CWE-295
7.4
2019-10-31 CVE-2019-18361 Unspecified vulnerability in Jetbrains Intellij Idea
JetBrains IntelliJ IDEA before 2019.2 allows local user privilege escalation, potentially leading to arbitrary code execution.
local
low complexity
jetbrains
5.3
2019-10-01 CVE-2019-14954 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Intellij Idea
JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection.
network
high complexity
jetbrains CWE-319
5.9
2019-07-03 CVE-2019-9873 Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea
In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files.
network
low complexity
jetbrains CWE-522
critical
9.8
2019-07-03 CVE-2019-9872 Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea
In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files.
network
high complexity
jetbrains CWE-522
8.1
2019-07-03 CVE-2019-9823 Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea
In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration files.
network
low complexity
jetbrains CWE-522
critical
9.8
2019-07-03 CVE-2019-9186 Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Intellij Idea
In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces (instead of listening on only the localhost interface).
network
low complexity
jetbrains CWE-668
critical
9.8
2019-07-03 CVE-2019-10104 Unspecified vulnerability in Jetbrains Intellij Idea
In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration (for Tomcat, Jetty, Resin, or CloudBees) with the default setting allowed a remote attacker to execute code when the configuration is running, because a JMX server listened on all interfaces instead of localhost only.
network
low complexity
jetbrains
critical
9.8