Lucene search
+L

45 matches found

CVE
CVE
added 2020/07/09 4:40 p.m.52 views

CVE-2020-15526

CVE-2020-15526 affects Redgate SQL Monitor versions 7.1.4 through 10.1.6, where the scope for disabling TLS certificate checks could extend beyond the intended Configuration > Notifications, also affecting VMware monitoring. This allows potential man-in-the-middle attacks when sending alert no...

5.9CVSS5.9AI score0.00499EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/09 4:40 p.m.16 views

CVE-2020-15526

In Redgate SQL Monitor 7.1.4 through 10.1.6 inclusive, the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...

5.9AI score0.00499EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/21 12:0 a.m.6 views

Redgate SQL Monitor SQL Injection Vulnerability

Redgate SQL Monitor is a Microsoft SQL Server monitoring, alerting and analysis tool for database administrators. Redgate SQL Monitor 9.0.13 - 9.2.14 suffers from a SQL injection vulnerability. The vulnerability can be exploited by administrator users to conduct SQL injection attacks by configuri...

7.2CVSS7.9AI score0.00897EPSS
Exploits0References1
CNVD
CNVD
added 2020/01/22 12:0 a.m.1 views

Unauthorized Access Vulnerability in CloudBees Jenkins Redgate SQL Change Automation Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . CloudBees Jenkins Redgate SQL...

4.3CVSS7.5AI score0.00855EPSS
Exploits0References1
OSV
OSV
added 2020/01/15 4:15 p.m.16 views

CVE-2020-2095

Jenkins Redgate SQL Change Automation Plugin 2.0.4 and earlier stored an API key unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...

4.3CVSS7.1AI score
Exploits0References1
CVE
CVE
added 2020/01/15 3:15 p.m.66 views

CVE-2020-2095

CVE-2020-2095 affects the Jenkins Redgate SQL Change Automation Plugin (versions 2.0.4 and earlier). The vulnerability arises because an API key is stored unencrypted in job config.xml files on the Jenkins master, allowing viewing by users with Extended Read permission or access to the master fil...

4.3CVSS4.9AI score0.00855EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/01/15 3:15 p.m.31 views

CVE-2020-2095

Jenkins Redgate SQL Change Automation Plugin 2.0.4 and earlier stored an API key unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...

4.9AI score0.00855EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/01/15 12:0 a.m.6 views

PT-2020-15301 · Redgate +1 · Jenkins Redgate Sql Change Automation Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Redgate SQL Change Automation Plugin versions 2.0.4 and earlier Description: The issue concerns the storage of an API key in an unencrypted form in job config.xml files on the Jenkins master. This allows users with Extended Read...

4.3CVSS4.8AI score0.00855EPSS
Exploits0References6
CNVD
CNVD
added 2019/12/25 12:0 a.m.3 views

Unspecified Vulnerability in CloudBees Jenkins Redgate SQL Change Automation Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A security vulnerability exists in CloudBees Jenkins Redgate SQL Change Automation Plugin 2.0.3 and prior versions, which stems from the program storing credentia...

6.5CVSS7.5AI score0.00852EPSS
Exploits0References1
NVD
NVD
added 2019/12/17 3:15 p.m.29 views

CVE-2019-16557

Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

6.5CVSS6.7AI score0.00852EPSS
Exploits0References2
OSV
OSV
added 2019/12/17 3:15 p.m.20 views

CVE-2019-16557

Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

6.5CVSS7.3AI score
Exploits0References2
Prion
Prion
added 2019/12/17 3:15 p.m.19 views

Design/Logic Flaw

Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

4CVSS6.6AI score0.00852EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/12/17 2:40 p.m.23 views

CVE-2019-16557

Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

6.7AI score0.00852EPSS
Exploits0References2
CVE
CVE
added 2019/12/17 2:40 p.m.72 views

CVE-2019-16557

Summary: CVE-2019-16557 affects Jenkins with the Redgate SQL Change Automation Plugin 2.0.3 and earlier. The issue is that credentials are stored unencrypted in job config.xml files on the Jenkins master, enabling exposure to anyone with Extended Read permissions or access to the master filesyste...

6.5CVSS6.6AI score0.00852EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2019/12/17 12:0 a.m.9 views

PT-2019-14712 · Redgate +1 · Jenkins Redgate Sql Change Automation Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Redgate SQL Change Automation Plugin versions 2.0.3 and earlier Description: The issue allows credentials to be stored unencrypted in job config.xml files on the Jenkins master. Users with Extended Read permission or access to the...

6.5CVSS6.5AI score0.00852EPSS
Exploits0References6
NVD
NVD
added 2018/07/31 2:29 p.m.10 views

CVE-2018-14581

Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific embedded resource file...

7.8CVSS7.8AI score0.01838EPSS
Exploits1References3
Prion
Prion
added 2018/07/31 2:29 p.m.24 views

Design/Logic Flaw

Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific embedded resource file...

6.8CVSS7.7AI score0.01838EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2018/07/31 2:0 p.m.17 views

CVE-2018-14581

Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific embedded resource file...

7.8AI score0.01838EPSS
Exploits1References3
CVE
CVE
added 2018/07/31 2:0 p.m.56 views

CVE-2018-14581

CVE-2018-14581 affects Redgate .NET Reflector prior to 10.0.7.774 and SmartAssembly prior to 6.12.5. The issue allows code execution by decompiling a compiled .NET object (e.g., DLL/EXE) that contains a specific embedded resource file; exploitation would occur when the affected tools process that...

7.8CVSS7.7AI score0.01838EPSS
Exploits1References3Affected Software2
ATTACKERKB
ATTACKERKB
added 2018/07/31 12:0 a.m.15 views

CVE-2018-14581

Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific embedded resource file. Recent assessments: zeroSteiner at March 20, 2020 12:43pm UTC reported: A crafted .RESX...

7.8CVSS2.9AI score0.01838EPSS
Exploits1References4
Rows per page
Query Builder