Skip to main content
CVE-2020-11685 HIGH This Week

In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Goland
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2020-12059 HIGH PATCH This Week

An issue was discovered in Ceph through 13.2.9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Ceph Ubuntu Linux
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2020-11649 MEDIUM This Month

An issue was discovered in GitLab CE and EE 8.15 through 12.9.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-4085 MEDIUM This Month

"HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user.". Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Connections
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-11689 MEDIUM This Month

In JetBrains TeamCity before 2019.2.1, a user without appropriate permissions was able to import settings from the settings.kts file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Teamcity
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-11416 MEDIUM This Month

JetBrains Space through 2020-04-22 allows stored XSS in Chats. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Space
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-11938 MEDIUM This Month

In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2020-10905 LOW Monitor

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Phantompdf Reader
NVD
CVSS 3.1
3.3
EPSS
3.4%
CVE-2020-10903 LOW Monitor

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Phantompdf Reader
NVD
CVSS 3.1
3.3
EPSS
3.4%
CVE-2020-10901 LOW Monitor

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Phantompdf Reader
NVD
CVSS 3.1
3.3
EPSS
3.5%
CVE-2020-10894 LOW Monitor

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Phantompdf Reader
NVD
CVSS 3.1
3.3
EPSS
3.3%
CVE-2020-11692 LOW Monitor

In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Youtrack
NVD
CVSS 3.1
2.7
EPSS
0.9%
CVE-2020-11686 LOW Monitor

In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
2.7
EPSS
0.7%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy