Vulnerabilities > Jetbrains > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-22 CVE-2020-11693 Unspecified vulnerability in Jetbrains Youtrack
JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue.
network
low complexity
jetbrains
7.5
2020-04-22 CVE-2020-11691 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12099, content spoofing in the Hub OAuth error message was possible.
network
low complexity
jetbrains
7.5
2020-04-22 CVE-2020-11688 Insufficient Session Expiration vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his session.
network
low complexity
jetbrains CWE-613
7.5
2020-04-22 CVE-2020-11687 Information Exposure vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages.
network
low complexity
jetbrains CWE-200
7.5
2020-04-22 CVE-2020-11685 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Goland
In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS.
network
low complexity
jetbrains CWE-319
7.5
2020-04-10 CVE-2020-11694 Insufficiently Protected Credentials vulnerability in Jetbrains Pycharm 2019.2.5/2019.3
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were included.
network
low complexity
jetbrains CWE-522
7.5
2020-02-21 CVE-2020-7907 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Scala
In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections.
network
low complexity
jetbrains CWE-319
7.5
2020-01-31 CVE-2020-7914 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network.
network
low complexity
jetbrains
7.5
2020-01-30 CVE-2020-7909 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI.
network
low complexity
jetbrains CWE-522
7.5
2020-01-30 CVE-2020-7906 Improper Verification of Cryptographic Signature vulnerability in Jetbrains Rider 2019.3.0
In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer.
network
low complexity
jetbrains CWE-347
7.5