254 matches found

OSV
added 2023/10/10 6:15 p.m. · 1 view

CVE-2023-36785

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability...

CVSS 7.8 · AI score 7.3 · EPSS 0.01056
Exploits: 0 · References: 1

Positive Technologies
added 2023/10/10 12:0 a.m. · 3 views

PT-2023-5971 · Microsoft · Sql Server

Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server affected versions not specified Description: The issue is related to insufficient input validation in the OLE DB driver for Microsoft SQL Server, which can be exploited to execute arbitrary code. This allows an attacker t...

CVSS 7.8 · AI score 9.6 · EPSS 0.00982
Exploits: 0 · References: 9

CNNVD
added 2023/10/10 12:0 a.m. · 46 views

Microsoft SQL Server Security Vulnerability

Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. An attacker has exploited the vulnerability to cause a denial of service on the system. The following products and versions are...

CVSS 5.5 · AI score 7.1 · EPSS 0.00851
Exploits: 0 · References: 3

OSV
added 2023/08/12 11:5 a.m. · 1 view

OESA-2023-1490 qt5-qtbase security update

Qt is a software toolkit for developing applications. Security Fixes: Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before...

CVSS 7.5 · AI score 8.2 · EPSS 0.0132
Exploits: 0 · References: 2

Positive Technologies
added 2023/07/11 12:0 a.m. · 4 views

PT-2023-3812 · Microsoft · Odbc Driver +1

Name of the Vulnerable Software and Affected Versions: Microsoft ODBC Driver affected versions not specified Description: The issue is related to insufficient input validation in the Microsoft ODBC Driver. This can be exploited by a remote attacker to execute arbitrary code. The vulnerability...

CVSS 10 · AI score 9.4 · EPSS 0.01105
Exploits: 0 · References: 9

BDU FSTEC
added 2023/07/11 12:0 a.m. · 4 views

The vulnerability of the Microsoft ODBC Driver for SQL Server’s dynamic layout library, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft ODBC Driver for SQL Server’s dynamic layout library is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVSS 7.8 · AI score 7.7 · EPSS 0.00603
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2023/07/11 12:0 a.m. · 8 views

The vulnerability of the Microsoft ODBC Driver for SQL Server’s dynamic layout library, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft ODBC Driver for SQL Server’s dynamic layout library is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVSS 7.8 · AI score 7.7 · EPSS 0.00603
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2023/06/20 12:0 a.m. · 3 views

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 · AI score 8.2 · EPSS 0.01346
Exploits: 0 · References: 3

OSV
added 2023/06/16 1:15 a.m. · 4 views

CVE-2023-32026

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability...

CVSS 7.8 · AI score 7.2 · EPSS 0.00722
Exploits: 0 · References: 1

NCSC
added 2023/06/16 12:0 a.m. · 4 views

Fixed vulnerabilities in Microsoft ODBC driver for SQL Server

Microsoft has fixed vulnerabilities in the ODBC Driver for SQL Server. A malicious party could exploit the vulnerabilities to execute arbitrary code on the vulnerable system. To exploit the vulnerabilities, the malicious party must have a rogue SQL server and trick the victim into connecting...

CVSS 7.8 · AI score 7.8 · EPSS 0.00722
Exploits: 0

CNNVD
added 2023/06/15 12:0 a.m. · 5 views

Microsoft ODBC Driver Security Vulnerability

Microsoft ODBC Driver is a driver from Microsoft. It allows applications to access data in a database management system DBMS using SQL as the standard for accessing data. A security vulnerability exists in the Microsoft ODBC Driver that stems from the presence of a remote code execution...

CVSS 7.8 · AI score 8.2 · EPSS 0.00603
Exploits: 0 · References: 4

CNNVD
added 2023/06/12 12:0 a.m. · 19 views

Apache NiFi Code Injection Vulnerability

Apache NiFi is a data processing and distribution system from the Apache USA Foundation. The system is primarily used for data routing, transformation, and system brokering logic. A code injection vulnerability exists in Apache NiFi versions 0.0.2 through 1.21.0 that originates from allowing...

CVSS 8.8 · AI score 8.4 · EPSS 0.63383
Exploits: 9 · References: 6

OSV
added 2023/05/12 11:5 a.m. · 4 views

OESA-2023-1270 qt5-qtbase security update

This package provides base tools, such as string, xml, and network handling. Security Fixes: Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and...

CVSS 7.5 · AI score 8.2 · EPSS 0.0132
Exploits: 0 · References: 2

BDU FSTEC
added 2023/04/25 12:0 a.m. · 4 views

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 · AI score 8.3 · EPSS 0.01463
Exploits: 0 · References: 2

ATTACKERKB
added 2023/04/15 1:15 a.m. · 3 views

CVE-2023-24607

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3...

CVSS 7.5 · AI score 5.9 · EPSS 0.0132
Exploits: 0 · References: 9

SUSE CVE
added 2023/03/23 4:9 a.m. · 4 views

SUSE CVE-2023-24607

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3...

CVSS 7.5 · AI score 9.3 · EPSS 0.0132
Exploits: 0 · References: 9

BDU FSTEC
added 2023/03/06 12:0 a.m. · 6 views

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 · AI score 8.2 · EPSS 0.01188
Exploits: 0 · References: 3

BDU FSTEC
added 2023/03/06 12:0 a.m. · 4 views

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 · AI score 7.9 · EPSS 0.0074
Exploits: 0 · References: 3

BDU FSTEC
added 2023/03/01 12:0 a.m. · 5 views

The vulnerability of the WDAC OLE DB driver for SQL Server on Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on Microsoft Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially crafted malicious packages remotely...

CVSS 10 · AI score 8.3 · EPSS 0.0115
Exploits: 0 · References: 4

RedHat Linux
added 2023/02/21 9:35 a.m. · 3 views

php: PDO::quote() may return unquoted string due to an integer overflow

A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf, it is possible to force the function to return a single apostrophe if the function is called on user-supplie...

CVSS 9.1 · AI score 7.4 · EPSS 0.02154
Exploits: 0 · References: 5