CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2023/02/14 12:0 a.m.•3 views

PT-2023-1454 · Microsoft · Sql Server

Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server affected versions not specified Description: The issue is related to insufficient input validation in the database management system, which can be exploited to execute arbitrary code. This allows an attacker to potentiall...

7.8CVSS9.7AI score0.00166EPSS

Exploits0References8

Positive Technologies•added 2023/02/14 12:0 a.m.•1 views

PT-2023-1598 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft WDAC OLE DB provider for SQL Server affected versions not specified Description: The issue is related to insufficient input validation in the Microsoft WDAC OLE DB provider for SQL Server on Windows operating systems. This allows a...

10CVSS9.6AI score0.0164EPSS

Exploits0References6

CNVD•added 2023/02/14 12:0 a.m.•8 views

Oracle Database Server Java VM Component Denial of Service Vulnerability

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. Oracle Database Server has a denial of service vulnerability that can be exploited by a...

4.3CVSS6.3AI score0.00459EPSS

CNNVD•added 2023/02/14 12:0 a.m.•11 views

Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large commercial database system from Microsoft that is used on Microsoft Windows systems. A security vulnerability exists in SQL Server. The following products and versions are affected:Microsoft SQL Server 2017 for x64-based Systems GDR,Microsoft SQL Server 2014 Servic...

8.8CVSS8.3AI score0.02059EPSS

Exploits0References3

Prion•added 2023/01/31 5:15 p.m.•13 views

Authorization

A CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port...

5CVSS7.5AI score0.00488EPSS

Exploits0References1Affected Software3

Cvelist•added 2023/01/31 12:0 a.m.•17 views

CVE-2023-22610

9.1CVSS9.3AI score0.00488EPSS

CVE•added 2023/01/31 12:0 a.m.•46 views

CVE-2023-22610

CVE-2023-22610 affects Schneider Electric EcoStruxure Geo SCADA Expert (Geo SCADA server) with an Incorrect Authorization (CWE-863) flaw that could cause Denial of Service when specific messages are sent over the database server TCP port. Public details in connected sources indicate vulnerable Ec...

9.1CVSS7.4AI score0.00488EPSS

Exploits0References1Affected Software3

Cvelist•added 2023/01/31 12:0 a.m.•13 views

CVE-2023-22611

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure when specific messages are sent to the server over the database server TCP port. Affected Products: EcoStruxure Geo SCADA Expert 2019 - 2021 formerly known as...

7.5CVSS7.4AI score0.004EPSS

BDU FSTEC•added 2023/01/31 12:0 a.m.•1 views

The vulnerability of the Oracle Data Provider for .NET component in the Oracle Database Server database management system allows a hacker to gain full control over the application.

The vulnerability of the Oracle Data Provider for .NET component in the Oracle Database Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain full control over the application using the TCPS protocol...

7.6CVSS6.9AI score0.01065EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/01/31 12:0 a.m.•8 views

CVE-2023-22610

9.1CVSS9.2AI score0.00488EPSS

6.8CVSS6.3AI score0.00384EPSS

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

6.8CVSS6.3AI score0.49353EPSS

Vulnerability of the MySQL Server component of the database management system for GIS applications, which allows attackers to cause service interruptions.

The vulnerability of the MySQL Server component of the database management system for GIS-related applications is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

6.8CVSS6.6AI score0.00384EPSS

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

6.8CVSS6.3AI score0.00369EPSS

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

BDU FSTEC•added 2023/01/30 12:0 a.m.•2 views

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

6.8CVSS6.3AI score0.00389EPSS

6.8CVSS6.3AI score0.00369EPSS

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

BDU FSTEC•added 2023/01/30 12:0 a.m.•2 views

Vulnerability of the Server component: The MySQL Server database management system’s Optimizer component allows a hacker to gain unauthorized access to read, modify, or delete data.

4CVSS6.3AI score0.00232EPSS

6.8CVSS6.3AI score0.00443EPSS

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

6.8CVSS6.3AI score0.00389EPSS

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.