|
222971
|
8.8 |
HIGH
Network
|
jetbrains
|
youtrack
|
JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page.
|
CWE-352
Origin Validation Error
|
CVE-2019-15040
|
2024-11-21 13:27 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222972
|
6.1 |
MEDIUM
Network
|
jetbrains
|
teamcity
|
An issue was discovered in JetBrains TeamCity 2018.2.4. It had several XSS vulnerabilities on the settings pages. The issues were fixed in TeamCity 2019.1.
|
CWE-79
Cross-site Scripting
|
CVE-2019-15037
|
2024-11-21 13:27 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222973
|
7.2 |
HIGH
Network
|
jetbrains
|
teamcity
|
An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could execute any command on the server machine. The issue was fixed in TeamCity 2018.2.5 and 2019.1.
|
CWE-78
OS Command
|
CVE-2019-15036
|
2024-11-21 13:27 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222974
|
5.9 |
MEDIUM
Network
|
jetbrains
|
toolbox
|
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2019-14959
|
2024-11-21 13:27 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222975
|
7.5 |
HIGH
Network
|
jetbrains
|
pycharm
|
JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes. In a very specific situation, it could lead to a remote invocation of an OOM error message…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2019-14958
|
2024-11-21 13:27 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222976
|
4.3 |
MEDIUM
Network
|
jetbrains
|
youtrack
|
JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names.
|
CWE-281
Improper Preservation of Permissions
|
CVE-2019-14956
|
2024-11-21 13:27 |
2019-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222977
|
6.1 |
MEDIUM
Network
|
jetbrains
|
youtrack
|
JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere.
|
CWE-601
Open Redirect
|
CVE-2019-15041
|
2024-11-21 13:27 |
2019-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222978
|
4.9 |
MEDIUM
Network
|
jetbrains
|
teamcity
|
An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could get access to potentially confidential server-level data. The issue was fixed in TeamCity 2018.2.5 and 2…
|
NVD-CWE-noinfo
|
CVE-2019-15035
|
2024-11-21 13:27 |
2019-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222979
|
7.5 |
HIGH
Network
|
jetbrains
|
teamcity
|
An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for some external https connections. This was fixed in TeamCity 2019.1.
|
CWE-295
Improper Certificate Validation
|
CVE-2019-15042
|
2024-11-21 13:27 |
2019-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222980
|
6.1 |
MEDIUM
Network
|
jetbrains
|
upsource
|
JetBrains Upsource before 2019.1.1412 was not properly escaping HTML tags in a code block comments, leading to XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2019-14961
|
2024-11-21 13:27 |
2019-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
