Vulnerabilities > Jetbrains

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-03	CVE-2019-12850	SQL Injection vulnerability in Jetbrains Youtrack A query injection was possible in JetBrains YouTrack. network low complexity jetbrains CWE-89	7.5
2019-07-03	CVE-2019-12847	Insufficiently Protected Credentials vulnerability in Jetbrains HUB In JetBrains Hub versions earlier than 2018.4.11298, the audit events for SMTPSettings show a cleartext password to the admin user. network low complexity jetbrains CWE-522	4.0
2019-07-03	CVE-2019-10104	Unspecified vulnerability in Jetbrains Intellij Idea In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration (for Tomcat, Jetty, Resin, or CloudBees) with the default setting allowed a remote attacker to execute code when the configuration is running, because a JMX server listened on all interfaces instead of localhost only. network low complexity jetbrains	7.5
2019-07-03	CVE-2019-10100	Code Injection vulnerability in Jetbrains Youtrack Integration In JetBrains YouTrack Confluence plugin versions before 1.8.1.3, it was possible to achieve Server Side Template Injection. network low complexity jetbrains CWE-94	7.5
2018-08-13	CVE-2018-14878	Deserialization of Untrusted Data vulnerability in Jetbrains Dotpeek and Resharper Ultimate JetBrains dotPeek before 2018.2 and ReSharper Ultimate before 2018.1.4 allow attackers to execute code by decompiling a compiled .NET object (such as a DLL or EXE file) with a specific file, because of Deserialization of Untrusted Data. network jetbrains CWE-502	6.8
2018-08-03	CVE-2017-8316	XXE vulnerability in Jetbrains Intellij Idea IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can exploit the vulnerability by implementing malicious code on both Androidmanifest.xml. network low complexity jetbrains CWE-611	7.5
2015-01-13	CVE-2014-10036	Cross-site Scripting vulnerability in Jetbrains Teamcity Cross-site scripting (XSS) vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to inject arbitrary web script or HTML via the cameFromUrl parameter to feed/generateFeedUrl.html. network jetbrains CWE-79	4.3
2015-01-13	CVE-2014-10002	Information Disclosure vulnerability in TeamCity Unspecified vulnerability in JetBrains TeamCity before 8.1 allows remote attackers to obtain sensitive information via unknown vectors. network low complexity jetbrains	5.0

Vulnerabilities > Jetbrains {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jetbrains"}]}

Vulnerabilities > Jetbrains