Vulnerabilities > Jetbrains > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2021-29263 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS.
local
low complexity
jetbrains
4.6
2021-05-11 CVE-2021-30005 Insufficient Verification of Data Authenticity vulnerability in Jetbrains Pycharm
In JetBrains PyCharm before 2020.3.4, local code execution was possible because of insufficient checks when getting the project from VCS.
local
low complexity
jetbrains CWE-345
4.6
2021-05-11 CVE-2021-30006 XXE vulnerability in Jetbrains Intellij Idea
In IntelliJ IDEA before 2020.3.3, XXE was possible, leading to information disclosure.
network
low complexity
jetbrains CWE-611
5.0
2021-05-11 CVE-2021-30504 Resource Exhaustion vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2021.1, DoS was possible because of unbounded resource allocation.
network
low complexity
jetbrains CWE-400
5.0
2021-05-11 CVE-2021-31899 Unspecified vulnerability in Jetbrains Code With ME
In JetBrains Code With Me bundled to the compatible IDEs before version 2021.1, the client could execute code in read-only mode.
network
low complexity
jetbrains
6.5
2021-05-11 CVE-2021-31900 Unspecified vulnerability in Jetbrains Code With ME
In JetBrains Code With Me bundled to the compatible IDE versions before 2021.1, a client could open a browser on a host.
network
low complexity
jetbrains
5.0
2021-05-11 CVE-2021-31901 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub before 2021.1.13079, two-factor authentication wasn't enabled properly for the All Users group.
network
low complexity
jetbrains
5.0
2021-05-11 CVE-2021-31902 Incorrect Permission Assignment for Critical Resource vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemented improperly.
network
low complexity
jetbrains CWE-732
5.0
2021-05-11 CVE-2021-31903 Cross-site Scripting vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2021.1.9819, a pull request's title was sanitized insufficiently, leading to XSS.
network
jetbrains CWE-79
4.3
2021-05-11 CVE-2021-31904 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page.
network
jetbrains CWE-79
4.3