Vulnerabilities > Jetbrains

DATE CVE VULNERABILITY TITLE RISK
2020-08-08 CVE-2020-15817 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues.
network
low complexity
jetbrains
8.8
2020-08-08 CVE-2019-19704 Unspecified vulnerability in Jetbrains Upsource
In JetBrains Upsource before 2020.1, information disclosure is possible because of an incorrect user matching algorithm.
network
low complexity
jetbrains
7.5
2020-04-22 CVE-2020-11938 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project.
network
low complexity
jetbrains
4.9
2020-04-22 CVE-2020-11796 Improper Authentication vulnerability in Jetbrains Space
In JetBrains Space through 2020-04-22, the password authentication implementation was insecure.
network
low complexity
jetbrains CWE-287
critical
9.8
2020-04-22 CVE-2020-11795 Insufficient Session Expiration vulnerability in Jetbrains Space
In JetBrains Space through 2020-04-22, the session timeout period was configured improperly.
network
low complexity
jetbrains CWE-613
7.5
2020-04-22 CVE-2020-11693 Unspecified vulnerability in Jetbrains Youtrack
JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue.
network
low complexity
jetbrains
7.5
2020-04-22 CVE-2020-11692 Incorrect Default Permissions vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators.
network
low complexity
jetbrains CWE-276
2.7
2020-04-22 CVE-2020-11691 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12099, content spoofing in the Hub OAuth error message was possible.
network
low complexity
jetbrains
7.5
2020-04-22 CVE-2020-11690 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host in some cases.
network
low complexity
jetbrains
critical
9.8
2020-04-22 CVE-2020-11689 Incorrect Default Permissions vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.1, a user without appropriate permissions was able to import settings from the settings.kts file.
network
low complexity
jetbrains CWE-276
6.5