Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains intellij idea vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-25758
In JetBrains IntelliJ IDEA prior to 2020.3, potentially insecure deserialization of the workspace model could lead to local code execution.
Jetbrains Intellij Idea
7.7
CVSSv3
CVE-2022-29814
In JetBrains IntelliJ IDEA prior to 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible
Jetbrains Intellij Idea
7.7
CVSSv3
CVE-2022-29819
In JetBrains IntelliJ IDEA prior to 2022.1 local code execution via links in Quick Documentation was possible
Jetbrains Intellij Idea
7.5
CVSSv3
CVE-2022-48430
In JetBrains IntelliJ IDEA prior to 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview.
Jetbrains Intellij Idea
7.5
CVSSv3
CVE-2022-48433
In JetBrains IntelliJ IDEA prior to 2023.1 the NTLM hash could leak through an API method used in the IntelliJ IDEA built-in web server.
Jetbrains Intellij Idea
7.5
CVSSv3
CVE-2022-47895
In JetBrains IntelliJ IDEA prior to 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files.
Jetbrains Intellij Idea
7.5
CVSSv3
CVE-2021-30504
In JetBrains IntelliJ IDEA prior to 2021.1, DoS was possible because of unbounded resource allocation.
7.5
CVSSv3
CVE-2020-7914
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3.
Jetbrains Intellij Idea
7.5
CVSSv3
CVE-2020-7905
Ports listened to by JetBrains IntelliJ IDEA prior to 2019.3 were exposed to the network.
Jetbrains Intellij Idea
7.5
CVSSv3
CVE-2017-8316
IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can exploit the vulnerability by implementing malicious code on both Androidmanifest.xml.
Jetbrains Intellij Idea
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »