36 matches found
EUVD-2022-1090
Malicious code in bioql PyPI...
EUVD-2022-1219
Malicious code in bioql PyPI...
CVE-2022-25205
A cross-site request forgery CSRF vulnerability in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers to connect to an attacker-specified database via JDBC using attacker-specified credentials and to determine if a class is available in the Jenkins instance...
CVE-2022-25206
A missing check in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified database via JDBC using attacker-specified credentials...
CVE-2022-27216
Jenkins dbCharts Plugin 0.5.2 and earlier stores JDBC connection passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
Jenkins dbCharts Plugin Information Disclosure Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins dbCharts Plugin is vulnerable to an information disclosure...
GHSA-X75R-G63M-82WJ Passwords stored in plain text by Jenkins dbCharts Plugin
Jenkins dbCharts Plugin 0.5.2 and earlier stores JDBC connection passwords unencrypted in its global configuration file hudson.plugins.dbcharts.DbChartPublisher.xml on the Jenkins controller as part of its configuration. These passwords can be viewed by users with access to the Jenkins controller...
Passwords stored in plain text by Jenkins dbCharts Plugin
Jenkins dbCharts Plugin 0.5.2 and earlier stores JDBC connection passwords unencrypted in its global configuration file hudson.plugins.dbcharts.DbChartPublisher.xml on the Jenkins controller as part of its configuration. These passwords can be viewed by users with access to the Jenkins controller...
CVE-2022-27216
Jenkins dbCharts Plugin 0.5.2 and earlier stores JDBC connection passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2022-27216
Jenkins dbCharts Plugin 0.5.2 and earlier stores JDBC connection passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2022-27216
Jenkins dbCharts Plugin 0.5.2 and earlier stores JDBC connection passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...
CVE-2022-27216
CVE-2022-27216 affects Jenkins dbCharts Plugin 0.5.2 and earlier. The vulnerability stores JDBC connection passwords in plaintext in the plugin’s global configuration file on the Jenkins controller, enabling users with filesystem access to view passwords. This is corroborated by Red Hat, NVD, GHS...
PT-2022-18304 · Jenkins · Jenkins Dbcharts Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins dbCharts Plugin versions 0.5.2 and earlier Description: The issue concerns the storage of JDBC connection passwords in the global configuration file on the Jenkins controller. These passwords are stored unencrypted and can be viewed b...
Jenkins dbCharts 插件安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins dbCharts Plugin is vulnerable to an information disclosure...
Jenkins dbCharts Plugin Cross-Site Request Forgery Vulnerability
Jenkins plug-ins are plug-ins that provide appropriate functionality for Jenkins. Jenkins dbCharts Plugin cross-site request forgery vulnerability. The vulnerability allows an attacker to connect to a specified database via JDBC using specified credentials and determine whether a class is availab...
Jenkins dbCharts Plugin Access Control Error Vulnerability
Jenkins plug-ins are plug-ins that provide appropriate functionality for Jenkins. Jenkins dbCharts Plugin Access Control Error Vulnerability. An attacker can exploit this vulnerability to connect to a specified database using JDBC with specified credentials...
GHSA-VX6F-6RP6-F2PX Cross-Site Request Forgery in Jenkins dbCharts Plugin
A cross-site request forgery CSRF vulnerability in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers to connect to an attacker-specified database via JDBC using attacker-specified credentials and to determine if a class is available in the Jenkins instance...
Cross-Site Request Forgery in Jenkins dbCharts Plugin
A cross-site request forgery CSRF vulnerability in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers to connect to an attacker-specified database via JDBC using attacker-specified credentials and to determine if a class is available in the Jenkins instance...
Missing Authorization in Jenkins dbCharts Plugin
A missing check in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified database via JDBC using attacker-specified credentials...
GHSA-M5WP-P3GJ-7Q5G Missing Authorization in Jenkins dbCharts Plugin
A missing check in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified database via JDBC using attacker-specified credentials...