Vulnerabilities > Jetbrains > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-03 | CVE-2022-37396 | Unspecified vulnerability in Jetbrains Rider In JetBrains Rider before 2022.2 Trust and Open Project dialog could be bypassed, leading to local code execution | 7.8 |
| 2022-07-28 | CVE-2022-37009 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible | 7.8 |
| 2022-07-20 | CVE-2022-36322 | Argument Injection or Modification vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2022.04.2 build parameter injection was possible | 8.8 |
| 2022-04-28 | CVE-2022-29814 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible | 7.7 |
| 2022-04-28 | CVE-2022-29818 | Origin Validation Error vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed | 7.1 |
| 2022-04-28 | CVE-2022-29819 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible | 7.7 |
| 2022-04-28 | CVE-2022-29821 | Code Injection vulnerability in Jetbrains Pycharm In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible | 7.7 |
| 2022-02-25 | CVE-2022-25264 | Insecure Storage of Sensitive Information vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be logged in some cases. | 7.5 |
| 2022-02-25 | CVE-2022-24327 | Incorrect Permission Assignment for Critical Resource vulnerability in Jetbrains HUB In JetBrains Hub before 2021.1.13890, integration with JetBrains Account exposed an API key with excessive permissions. | 7.5 |
| 2022-02-25 | CVE-2022-24335 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Jetbrains Teamcity JetBrains TeamCity before 2021.2 was vulnerable to a Time-of-check/Time-of-use (TOCTOU) race-condition attack in agent registration via XML-RPC. | 8.1 |