| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Linux version 7.0.2 and below, 6.4.7 and below and 6.2.9 and below may allow an unauthenticated attacker to access the confighandler webserver via external binaries. |
| A improper control of a resource through its lifetime in Fortinet FortiClientWindows version 6.4.1 and 6.4.0, version 6.2.9 and below, version 6.0.10 and below allows attacker to cause a complete denial of service of its components via changes of directory access permissions. |
| In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly. |
| In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases. |
| In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project. |
| In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient. |
| In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient. |
| In JetBrains TeamCity before 2021.1.2, stored XSS is possible. |
| In JetBrains TeamCity before 2021.1.2, email notifications could include unescaped HTML for XSS. |
| In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible. |
| In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing. |
| In JetBrains TeamCity before 2021.1.2, user enumeration was possible. |
| In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible. |
| In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible. |
| JetBrains YouTrack Mobile before 2021.2, is missing the security screen on Android and iOS. |
| In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible. |
| In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete. |
| In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete. |
| In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information. |
| JetBrains YouTrack before 2021.3.24402 is vulnerable to stored XSS. |