Shodan
Vulnerabilities
Vulnerable Software
Jetbrains:  Security Vulnerabilities
CVE-2019-12736
JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection.
CVSS Score
9.8
EPSS Score
0.0
Published
2019-10-02
CVE-2019-12737
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials.
CVSS Score
5.3
EPSS Score
0.0
Published
2019-10-02
CVE-2019-14956
JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names.
CVSS Score
4.3
EPSS Score
0.0
Published
2019-10-02
CVE-2019-14958
JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes. In a very specific situation, it could lead to a remote invocation of an OOM error message because of Uncontrolled Memory Allocation.
CVSS Score
7.5
EPSS Score
0.0
Published
2019-10-02
CVE-2019-14959
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection.
CVSS Score
5.9
EPSS Score
0.0
Published
2019-10-02
CVE-2019-12156
Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293.
CVSS Score
5.3
EPSS Score
0.0
Published
2019-10-02
CVE-2019-12157
In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands.
CVSS Score
9.8
EPSS Score
0.0
Published
2019-10-02
CVE-2019-15035
An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could get access to potentially confidential server-level data. The issue was fixed in TeamCity 2018.2.5 and 2019.1.
CVSS Score
4.9
EPSS Score
0.0
Published
2019-10-01
CVE-2019-15041
JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere.
CVSS Score
6.1
EPSS Score
0.0
Published
2019-10-01
CVE-2019-14961
JetBrains Upsource before 2019.1.1412 was not properly escaping HTML tags in a code block comments, leading to XSS.
CVSS Score
6.1
EPSS Score
0.0
Published
2019-10-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved