Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intellij idea vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-10104
In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration (for Tomcat, Jetty, Resin, or CloudBees) with the default setting allowed a remote malicious user to execute code when the configuration is running, because a JMX server listened on all ...
Jetbrains Intellij Idea
NA
CVE-2022-40978
The installer of JetBrains IntelliJ IDEA prior to 2022.2.2 was vulnerable to EXE search order hijacking
Jetbrains Intellij Idea
NA
CVE-2022-46825
In JetBrains IntelliJ IDEA prior to 2022.3 the built-in web server leaked information about open projects.
Jetbrains Intellij Idea
NA
CVE-2022-46827
In JetBrains IntelliJ IDEA prior to 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.
Jetbrains Intellij Idea
2.1
CVSSv2
CVE-2022-29812
In JetBrains IntelliJ IDEA prior to 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient
Jetbrains Intellij Idea
4.4
CVSSv2
CVE-2022-29814
In JetBrains IntelliJ IDEA prior to 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible
Jetbrains Intellij Idea
3.6
CVSSv2
CVE-2022-29818
In JetBrains IntelliJ IDEA prior to 2022.1 origin checks in the internal web server were flawed
Jetbrains Intellij Idea
4.6
CVSSv2
CVE-2022-24346
In JetBrains IntelliJ IDEA prior to 2021.3.1, local code execution via RLO (Right-to-Left Override) characters was possible.
Jetbrains Intellij Idea
7.8
CVSSv2
CVE-2017-8316
IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can exploit the vulnerability by implementing malicious code on both Androidmanifest.xml.
Jetbrains Intellij Idea
7.5
CVSSv2
CVE-2019-9186
In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote malicious users to execute code when the configuration is running, because a JMX server listens on all interfaces (instead of listening on only the localhost inter...
Jetbrains Intellij Idea
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »