Vulnerabilities > Jetbrains > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-31 | CVE-2019-18366 | Incorrect Default Permissions vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View build runtime parameters and data" permission. | 5.3 |
2019-10-31 | CVE-2019-18365 | Improper Privilege Management vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several pages. | 4.3 |
2019-10-31 | CVE-2019-18363 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2019.1.2, access could be gained to the history of builds of a deleted build configuration under some circumstances. | 5.3 |
2019-10-31 | CVE-2019-18362 | Unspecified vulnerability in Jetbrains MPS JetBrains MPS before 2019.2.2 exposed listening ports to the network. | 5.3 |
2019-10-31 | CVE-2019-18361 | Unspecified vulnerability in Jetbrains Intellij Idea JetBrains IntelliJ IDEA before 2019.2 allows local user privilege escalation, potentially leading to arbitrary code execution. | 5.3 |
2019-10-31 | CVE-2019-18360 | Unspecified vulnerability in Jetbrains HUB In JetBrains Hub versions earlier than 2019.1.11738, username enumeration was possible through password recovery. | 5.3 |
2019-10-02 | CVE-2019-16171 | Cross-site Scripting vulnerability in Jetbrains Youtrack In JetBrains YouTrack through 2019.2.56594, stored XSS was found on the issue page. | 6.1 |
2019-10-02 | CVE-2019-15037 | Cross-site Scripting vulnerability in Jetbrains Teamcity 2018.2.4 An issue was discovered in JetBrains TeamCity 2018.2.4. | 6.1 |
2019-10-02 | CVE-2019-14959 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Toolbox JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. | 5.9 |
2019-10-02 | CVE-2019-14956 | Improper Preservation of Permissions vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names. | 4.3 |