GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5,...
9.3CVSS
6.9AI Score
0.001EPSS
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was...
5.3CVSS
5.3AI Score
0.0005EPSS
In JetBrains Rider before 2022.2 Trust and Open Project dialog could be bypassed, leading to local code...
7.8CVSS
7.7AI Score
0.0004EPSS
A vulnerability classified as critical has been found in Cardo Systems Scala Rider Q3. Affected is the file /cardo/api of the Cardo-Updater. Unauthenticated remote code execution with root permissions is possible. Firewalling or disabling the service is...
8.8CVSS
9.1AI Score
0.002EPSS
In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was...
7.7CVSS
7.7AI Score
0.0004EPSS
In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer. This issue was fixed in release version...
7.5CVSS
7.5AI Score
0.002EPSS
JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll...
7.8CVSS
7.5AI Score
0.0004EPSS
Text Rider 2.4 stores sensitive data in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing...
6.7AI Score
0.016EPSS
Text Rider 2.4 allows attackers to bypass authentication and upload files without providing a valid password by obtaining the MD5 hash of the password (possibly via another vulnerability that reads it from a data file), then including the hash in a...
7AI Score
0.002EPSS
SQL injection vulnerability in default.asp in ASP-Rider 1.6 allows remote attackers to execute arbitrary SQL commands via the HTTP...
8.8AI Score
0.008EPSS
SQL injection vulnerability in verify.asp in Asp-rider allows remote attackers to execute arbitrary SQL statements and bypass authentication via the username...
8.4AI Score
0.002EPSS