Filters
Versions
CVE-2024-37051GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and…
9.3
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2023.2 plugin for Space was requesting excessive permissions
7.8
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be suppressed in certain cases
3.3
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in the …
7.5
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed.
8.8
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be imported …
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains IntelliJ IDEAThe installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerable to EXE search order hijackin…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality …
2.3
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields
8.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains IntelliJ IDEAJetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 R…
9.8
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO (Right-to-Left Override) ch…
7.8
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2021.2.4, local code execution (without permission from a user) up…
7.8
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2021.1, DoS was possible because of unbounded resource allocation.
7.5
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient check…
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace mode…
7.8
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories inste…
5.3
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the…
5.3
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host …
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file re…
7.5
First published (updated )
JetBrains IntelliJ IDEAPorts listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network.
7.5
First published (updated )
JetBrains IntelliJ IDEAIn JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of …
7.4
First published (updated )
JetBrains IntelliJ IDEAJetBrains IntelliJ IDEA before 2019.2 allows local user privilege escalation, potentially leading to…
5.3
First published (updated )
JetBrains IntelliJ IDEAJetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via…
5.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
JetBrains IntelliJ IDEAIn several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration (for T…
9.8
First published (updated )
JetBrains IntelliJ IDEAIn several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads …
9.8
First published (updated )
JetBrains IntelliJ IDEAIn several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud appli…
8.1
First published (updated )
JetBrains IntelliJ IDEAIn several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default settin…
9.8
First published (updated )
JetBrains IntelliJ IDEAIn several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE applicatio…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.