Show filters
456 Total Results
Displaying 101-110 of 456
Sort by:
Attacker Value
Unknown

CVE-2024-28230

Disclosure Date: March 07, 2024 (last updated December 18, 2024)
In JetBrains YouTrack before 2024.1.25893 attaching/detaching workflow to a project was possible without project admin permissions
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-28229

Disclosure Date: March 07, 2024 (last updated December 18, 2024)
In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore issues and articles
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-28228

Disclosure Date: March 07, 2024 (last updated December 18, 2024)
In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in HelpDesk was possible
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-28174

Disclosure Date: March 06, 2024 (last updated December 18, 2024)
In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-28173

Disclosure Date: March 06, 2024 (last updated December 18, 2024)
In JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosed
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-24943

Disclosure Date: February 06, 2024 (last updated February 09, 2024)
In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-24941

Disclosure Date: February 06, 2024 (last updated February 09, 2024)
In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-24940

Disclosure Date: February 06, 2024 (last updated February 08, 2024)
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-24939

Disclosure Date: February 06, 2024 (last updated February 09, 2024)
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-24938

Disclosure Date: February 06, 2024 (last updated February 09, 2024)
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >