12 matches found
Security Updates for Microsoft SQL Server OLE DB Driver (April 2023)
The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
Security Updates for Microsoft SQL Server ODBC Driver (April 2023)
The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
CVE-2023-28304
Microsoft ODBC and OLE DB Remote Code Execution Vulnerability...
CVE-2023-28304 Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
...
CVE-2023-28304
CVE-2023-28304 affects Microsoft ODBC/OLE DB drivers for SQL Server (e.g., ODBC Driver 17/18, OLE DB Driver 18/19). Root cause: insufficient input validation in the Windows ODBC and OLE DB drivers. Impact: can lead to remote/local arbitrary code execution depending on source; CVSS shows local att...
CVE-2023-28304 Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
...
CVE-2022-28304
creationtimestamp| type| source ---|---|--- 2023-03-29 22:15:58+00:00| seen| https://t.me/cibsecurity/61052...
CVE-2022-28304
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28304
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28304
Bentley MicroStation CONNECT 10.16.02.034 is affected by CVE-2022-28304. The vulnerability arises in OBJ file parsing due to improper validation of user-supplied data lengths copied into a fixed-length, stack-based buffer, enabling code execution within the current process. Exploitation requires ...
CVE-2020-28304
...
CVE-2020-28304
CVE-2020-28304 is rejected/not used; this entry does not represent an active vulnerability.