45 matches found
CVE-2019-16557
Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
EUVD-2020-7513
Malware in sbrugna...
EUVD-2018-6488
Malware in sbrugna...
EUVD-2022-50627
Malicious code in bioql PyPI...
CVE-2022-47870
A Cross Site Scripting (XSS) vulnerability in the web SQL monitor login page in Redgate SQL Monitor 12.1.31.893 allows remote attackers to inject arbitrary web Script or HTML via the returnUrl parameter...
Cross site scripting
A Cross Site Scripting (XSS) vulnerability in the web SQL monitor login page in Redgate SQL Monitor 12.1.31.893 allows remote attackers to inject arbitrary web Script or HTML via the returnUrl parameter...
PT-2023-15503 · Redgate · Redgate Sql Monitor
Name of the Vulnerable Software and Affected Versions: Redgate SQL Monitor version 12.1.31.893 Description: A Cross Site Scripting (XSS) issue in the web SQL monitor login page allows remote attackers to inject arbitrary web script or HTML via the returnUrl parameter. This enables attackers to...
CVE-2022-47870
CVE-2022-47870 is a documented XSS in Redgate SQL Monitor 12.1.31.893, affecting the web SQL Monitor login page via the returnUrl parameter. The vulnerability can enable arbitrary script/HTML injection on the client-side and, per exploit descriptions, may lead to session cookie disclosure and acc...
CVE-2022-47870
A Cross Site Scripting (XSS) vulnerability in the web SQL monitor login page in Redgate SQL Monitor 12.1.31.893 allows remote attackers to inject arbitrary web Script or HTML via the returnUrl parameter...
CVE-2022-47870
A Cross Site Scripting (XSS) vulnerability in the web SQL monitor login page in Redgate SQL Monitor 12.1.31.893 allows remote attackers to inject arbitrary web Script or HTML via the returnUrl parameter...
SQL Monitor 12.1.31.893 - Cross-Site Scripting Vulnerability
Exploit Title: SQL Monitor 12.1.31.893 - Cross-Site Scripting (XSS) Date: 12/21/2022 02:07:23 AM UTC Exploit Author: [email protected] Vendor Homepage: https://www.red-gate.com/ Software Link: https://www.red-gate.com/products/dba/sql-monitor/ Version: SQL Monitor 12.1.31.893 Tested on: Windows OS CV...
SQL Monitor 12.1.31.893 Cross Site Scripting
Exploit Title: SQL Monitor 12.1.31.893 - Cross-Site Scripting (XSS) Date: 12/21/2022 02:07:23 AM UTC Exploit Author: [email protected] Vendor Homepage: https://www.red-gate.com/ Software Link: https://www.red-gate.com/products/dba/sql-monitor/ Version: SQL Monitor 12.1.31.893 Tested on: Window...
SQL Monitor 12.1.31.893 - Cross-Site Scripting (XSS)
Exploit Title: SQL Monitor 12.1.31.893 - Cross-Site Scripting (XSS) Date: 12/21/2022 02:07:23 AM UTC Exploit Author: [email protected] Vendor Homepage: https://www.red-gate.com/ Software Link: https://www.red-gate.com/products/dba/sql-monitor/ Version: SQL Monitor 12.1.31.893 Tested on: Window...
GHSA-X23M-8C2H-6WG7 Redgate SQL Change Automation Plugin stored credentials in plain text
Redgate SQL Change Automation Plugin 2.0.4 and earlier stores a NuGet API key unencrypted in job config.xml files as part of its configuration. This credential could be viewed by users with Extended Read permission or access to the Jenkins controller file system. This is due to an incomplete fix ...
Redgate SQL Change Automation Plugin stored credentials in plain text
Redgate SQL Change Automation Plugin 2.0.4 and earlier stores a NuGet API key unencrypted in job config.xml files as part of its configuration. This credential could be viewed by users with Extended Read permission or access to the Jenkins controller file system. This is due to an incomplete fix ...
GHSA-9HPQ-528P-48J3 Jenkins Redgate SQL Change Automation Plugin has Insufficiently Protected Credentials
Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
Jenkins Redgate SQL Change Automation Plugin has Insufficiently Protected Credentials
Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
Red Gate Software Redgate SQL Monitor Information Disclosure Vulnerability
Red Gate Software Redgate SQL Monitor is a database monitoring tool from Red Gate Software, UK. The product supports Microsoft SQL Server monitoring, alerting, analysis and more. A security vulnerability exists in Red Gate Software Redgate SQL Monitor versions 7.1.4 through 10.1.6, which originat...
CVE-2020-15526
In Redgate SQL Monitor 7.1.4 through 10.1.6 (inclusive), the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration > Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...
Code injection
In Redgate SQL Monitor 7.1.4 through 10.1.6 (inclusive), the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration > Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...