Vulnerabilities > Jetbrains > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-31 | CVE-2019-18369 | Incorrect Default Permissions vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the corresponding permission was possible. | 5.0 |
| 2019-10-31 | CVE-2019-18367 | Incorrect Default Permissions vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user without the corresponding permissions. | 5.0 |
| 2019-10-31 | CVE-2019-18366 | Incorrect Default Permissions vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View build runtime parameters and data" permission. | 5.0 |
| 2019-10-31 | CVE-2019-18365 | Improper Privilege Management vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several pages. | 4.3 |
| 2019-10-31 | CVE-2019-18363 | Information Exposure vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.2, access could be gained to the history of builds of a deleted build configuration under some circumstances. | 5.0 |
| 2019-10-31 | CVE-2019-18362 | Information Exposure vulnerability in Jetbrains MPS JetBrains MPS before 2019.2.2 exposed listening ports to the network. | 5.0 |
| 2019-10-31 | CVE-2019-18361 | Unspecified vulnerability in Jetbrains Intellij Idea JetBrains IntelliJ IDEA before 2019.2 allows local user privilege escalation, potentially leading to arbitrary code execution. | 4.6 |
| 2019-10-31 | CVE-2019-18360 | Information Exposure vulnerability in Jetbrains HUB In JetBrains Hub versions earlier than 2019.1.11738, username enumeration was possible through password recovery. | 5.0 |
| 2019-10-02 | CVE-2019-16407 | Untrusted Search Path vulnerability in Jetbrains Resharper JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability. | 4.4 |
| 2019-10-02 | CVE-2019-16171 | Cross-site Scripting vulnerability in Jetbrains Youtrack In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page. | 4.3 |