Vulnerabilities > Jetbrains > High

DATE CVE VULNERABILITY TITLE RISK
2019-10-01 CVE-2019-15038 Unspecified vulnerability in Jetbrains Teamcity 2018.2.4
An issue was discovered in JetBrains TeamCity 2018.2.4.
network
low complexity
jetbrains
7.5
2019-10-01 CVE-2019-14960 Untrusted Search Path vulnerability in Jetbrains Rider
JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll file.
local
low complexity
jetbrains CWE-426
7.8
2019-07-03 CVE-2019-12841 Improper Input Validation vulnerability in Jetbrains Teamcity
Incorrect handling of user input in ZIP extraction was detected in JetBrains TeamCity.
network
low complexity
jetbrains CWE-20
7.5
2019-07-03 CVE-2019-10103 Missing Encryption of Sensitive Data vulnerability in Jetbrains Kotlin
JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack.
network
high complexity
jetbrains CWE-311
8.1
2019-07-03 CVE-2019-10102 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Kotlin and Ktor
JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack.
network
high complexity
jetbrains CWE-319
8.1
2019-07-03 CVE-2019-10101 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Kotlin
JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack.
network
high complexity
jetbrains CWE-319
8.1
2019-07-03 CVE-2019-9872 Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea
In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files.
network
high complexity
jetbrains CWE-522
8.1
2019-07-03 CVE-2019-12851 Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Youtrack
A CSRF vulnerability was detected in one of the admin endpoints of JetBrains YouTrack.
network
low complexity
jetbrains CWE-352
8.8
2019-07-03 CVE-2019-12847 Insufficiently Protected Credentials vulnerability in Jetbrains HUB
In JetBrains Hub versions earlier than 2018.4.11298, the audit events for SMTPSettings show a cleartext password to the admin user.
network
low complexity
jetbrains CWE-522
7.2
2018-08-13 CVE-2018-14878 Deserialization of Untrusted Data vulnerability in Jetbrains Dotpeek and Resharper Ultimate
JetBrains dotPeek before 2018.2 and ReSharper Ultimate before 2018.1.4 allow attackers to execute code by decompiling a compiled .NET object (such as a DLL or EXE file) with a specific file, because of Deserialization of Untrusted Data.
local
low complexity
jetbrains CWE-502
7.8