Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains intellij idea vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2022-29813
In JetBrains IntelliJ IDEA prior to 2022.1 local code execution via custom Pandoc path was possible
Jetbrains Intellij Idea
7.7
CVSSv3
CVE-2022-29819
In JetBrains IntelliJ IDEA prior to 2022.1 local code execution via links in Quick Documentation was possible
Jetbrains Intellij Idea
5.3
CVSSv3
CVE-2021-25756
In JetBrains IntelliJ IDEA prior to 2020.2, HTTP links were used for several remote repositories instead of HTTPS.
Jetbrains Intellij Idea
7.5
CVSSv3
CVE-2022-47895
In JetBrains IntelliJ IDEA prior to 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files.
Jetbrains Intellij Idea
7.8
CVSSv3
CVE-2022-46824
In JetBrains IntelliJ IDEA prior to 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible.
Jetbrains Intellij Idea
5.5
CVSSv3
CVE-2022-46826
In JetBrains IntelliJ IDEA prior to 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability.
Jetbrains Intellij Idea
5.5
CVSSv3
CVE-2022-46827
In JetBrains IntelliJ IDEA prior to 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.
Jetbrains Intellij Idea
6.1
CVSSv3
CVE-2024-46970
In JetBrains IntelliJ IDEA prior to 2024.1 hTML injection via the project name was possible
Jetbrains Intellij Idea
9.8
CVSSv3
CVE-2019-9823
In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration files. The issue has been fixed in the following versions: 2018.3.5, 2018.2.8, 2018....
Jetbrains Intellij Idea
8.1
CVSSv3
CVE-2019-9872
In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. If the Settings Repository plugin was then used and configur...
Jetbrains Intellij Idea
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-44852
CVE-2024-3400
CVE-2024-30129
insecure direct object reference
CVE-2024-12115
CVE-2024-11220
CVE-2024-51378
privilege escalation
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »