45 matches found
CVE-2020-15526
CVE-2020-15526 affects Redgate SQL Monitor versions 7.1.4 through 10.1.6, where the scope for disabling TLS certificate checks could extend beyond the intended Configuration > Notifications, also affecting VMware monitoring. This allows potential man-in-the-middle attacks when sending alert no...
CVE-2020-15526
In Redgate SQL Monitor 7.1.4 through 10.1.6 inclusive, the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...
Redgate SQL Monitor SQL Injection Vulnerability
Redgate SQL Monitor is a Microsoft SQL Server monitoring, alerting and analysis tool for database administrators. Redgate SQL Monitor 9.0.13 - 9.2.14 suffers from a SQL injection vulnerability. The vulnerability can be exploited by administrator users to conduct SQL injection attacks by configuri...
Unauthorized Access Vulnerability in CloudBees Jenkins Redgate SQL Change Automation Plugin
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . CloudBees Jenkins Redgate SQL...
CVE-2020-2095
Jenkins Redgate SQL Change Automation Plugin 2.0.4 and earlier stored an API key unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
CVE-2020-2095
CVE-2020-2095 affects the Jenkins Redgate SQL Change Automation Plugin (versions 2.0.4 and earlier). The vulnerability arises because an API key is stored unencrypted in job config.xml files on the Jenkins master, allowing viewing by users with Extended Read permission or access to the master fil...
CVE-2020-2095
Jenkins Redgate SQL Change Automation Plugin 2.0.4 and earlier stored an API key unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system...
PT-2020-15301 · Redgate +1 · Jenkins Redgate Sql Change Automation Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Redgate SQL Change Automation Plugin versions 2.0.4 and earlier Description: The issue concerns the storage of an API key in an unencrypted form in job config.xml files on the Jenkins master. This allows users with Extended Read...
Unspecified Vulnerability in CloudBees Jenkins Redgate SQL Change Automation Plugin
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . A security vulnerability exists in CloudBees Jenkins Redgate SQL Change Automation Plugin 2.0.3 and prior versions, which stems from the program storing credentia...
CVE-2019-16557
Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-16557
Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
Design/Logic Flaw
Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-16557
Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-16557
Summary: CVE-2019-16557 affects Jenkins with the Redgate SQL Change Automation Plugin 2.0.3 and earlier. The issue is that credentials are stored unencrypted in job config.xml files on the Jenkins master, enabling exposure to anyone with Extended Read permissions or access to the master filesyste...
PT-2019-14712 · Redgate +1 · Jenkins Redgate Sql Change Automation Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Redgate SQL Change Automation Plugin versions 2.0.3 and earlier Description: The issue allows credentials to be stored unencrypted in job config.xml files on the Jenkins master. Users with Extended Read permission or access to the...
CVE-2018-14581
Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific embedded resource file...
Design/Logic Flaw
Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific embedded resource file...
CVE-2018-14581
Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific embedded resource file...
CVE-2018-14581
CVE-2018-14581 affects Redgate .NET Reflector prior to 10.0.7.774 and SmartAssembly prior to 6.12.5. The issue allows code execution by decompiling a compiled .NET object (e.g., DLL/EXE) that contains a specific embedded resource file; exploitation would occur when the affected tools process that...
CVE-2018-14581
Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific embedded resource file. Recent assessments: zeroSteiner at March 20, 2020 12:43pm UTC reported: A crafted .RESX...