Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-14957
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vim_settings.xml file. This xml file could be synchronized to a publicly accessible GitHub repository.
Jetbrains Vim
445
VMScore
CVE-2019-14958
JetBrains PyCharm prior to 2019.2 was allocating a buffer of unknown size for one of the connection processes. In a very specific situation, it could lead to a remote invocation of an OOM error message because of Uncontrolled Memory Allocation.
Jetbrains Pycharm
605
VMScore
CVE-2019-15040
JetBrains YouTrack versions prior to 2019.1 had a CSRF vulnerability on the settings page.
Jetbrains Youtrack
445
VMScore
CVE-2014-10002
Unspecified vulnerability in JetBrains TeamCity prior to 8.1 allows remote malicious users to obtain sensitive information via unknown vectors.
Jetbrains Teamcity
NA
CVE-2022-46828
In JetBrains IntelliJ IDEA prior to 2022.3 a DYLIB injection on macOS was possible.
Jetbrains Intellij Idea
NA
CVE-2022-46830
In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.
Jetbrains Teamcity
668
VMScore
CVE-2019-12736
JetBrains Ktor framework prior to 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection.
Jetbrains Ktor
445
VMScore
CVE-2019-12845
The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. The issue was fixed in JetBrains TeamCity 2018.2.3.
Jetbrains Teamcity
356
VMScore
CVE-2019-12846
A user without the required permissions could gain access to some JetBrains TeamCity settings. The issue was fixed in TeamCity 2018.2.2.
Jetbrains Teamcity
356
VMScore
CVE-2019-12847
In JetBrains Hub versions earlier than 2018.4.11298, the audit events for SMTPSettings show a cleartext password to the admin user. It is only relevant in cases where a password has not changed since 2017, and if the audit log still contains events from before that period.
Jetbrains Hub
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »