1417 matches found
Exploit for CVE-2019-1068
CVE-2019-1068 Root cause analysis and PoC for a Microsoft SQL...
Security Updates for Microsoft SQL Server (January 2021)
The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by an elevation of privilege vulnerability. An authenticated, remote attacker can exploit this issue, to gain elevated privileges. Note that Nessus has not tested for this issue but h...
Patch Tuesday - January 2021
We arrive at the first Patch Tuesday of 2021 2021-Jan with 83 vulnerabilities across our standard spread of products. Windows Operating System vulnerabilities dominated this month's advisories, followed by Microsoft Office which includes the SharePoint family of products, and lastly some from les...
CVE-2021-1636
Microsoft SQL Elevation of Privilege Vulnerability...
Privilege escalation
Microsoft SQL Elevation of Privilege Vulnerability...
CVE-2021-1636 Microsoft SQL Elevation of Privilege Vulnerability
...
KLA12043 PE vulnerability in Microsoft SQL Server
An elevation of privilege vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2021-1636 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-SQL-Server CVE list CVE-2021-1636...
Microsoft SQL Server SQL Injection Vulnerability
Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A SQL injection vulnerability exists in Microsoft SQL Server. The following products and versions are affected:Microsoft SQL Server 2019 for x64-based Systems GDR,Microsoft SQL Server...
SQL Injection Vulnerability in RaiseDreams Crowdfunding System pr***.aspx File
RaiseDreams crowdfunding system is an enterprise-level crowdfunding website platform for financial tycoons and enterprises that are about to put into crowdfunding ranks, using asp.net+MsSQL database as the system architecture, and the front-end using html5+css3 modern html language to create a...
KB941203 - MS08-040: Vulnerabilities in Microsoft SQL Server could allow elevation of privilege
Resolves four privately disclosed vulnerabilities. The more serious of the vulnerabilities could allow an attacker to run code and to take complete control of the system.INTRODUCTIONMicrosoft has released security bulletin MS08-040. To view the complete security bulletin, visit one of the followi...
KB3204399 - Cumulative update 10 for SQL Server 2014 SP1
KB3204399 - Cumulative update 10 for SQL Server 2014 SP1 This article describes cumulative update package 10 build number: 12.0.4491.0 for Microsoft SQL Server 2014 Service Pack 1 SP1. This update contains fixes that were released after the release of SQL Server 2014 SP1. Cumulative update...
KB2674319 - Bugs that are fixed in SQL Server 2012 Service Pack 1
KB2674319 - Bugs that are fixed in SQL Server 2012 Service Pack 1 INTRODUCTION This article lists the bugs that are fixed in Microsoft SQL Server 2012 Service Pack 1 SP1. Notes Additional fixes that are not documented here may also be included in the service pack. This list will be updated when...
KB3167392 - Cumulative update 6 for SQL Server 2014 SP1
KB3167392 - Cumulative update 6 for SQL Server 2014 SP1 This article describes cumulative update package 6 Build number: 12.0.4457.0 for Microsoft SQL Server 2014 Service Pack 1 SP1. This update contains fixes that were released after the release of SQL Server 2014 SP1. Cumulative update Cumulati...
KB3045311 - MS15-058: Description of the security update for SQL Server 2008 Service Pack 4 GDR: July 14, 2015
KB3045311 - MS15-058: Description of the security update for SQL Server 2008 Service Pack 4 GDR: July 14, 2015 Summary This update resolves vulnerabilities in Microsoft SQL Server that could allow remote code execution if an authenticated attacker runs a specially crafted query that is designed t...
KB2958429 - Bugs that are fixed in SQL Server 2012 Service Pack 2
KB2958429 - Bugs that are fixed in SQL Server 2012 Service Pack 2 Introduction This article lists the bugs that are fixed in Microsoft SQL Server 2012 Service Pack 2 SP2. Notes Additional fixes that are not documented here may also be included in the service pack. This list will be updated when...
KB2546951 - List of issues that are fixed by SQL Server 2008 Service Pack 3
KB2546951 - List of issues that are fixed by SQL Server 2008 Service Pack 3 INTRODUCTION This article lists SQL Server 2008 issues that are fixed by Microsoft SQL Server 2008 Service Pack 3 SP3. Notes Some issues that are not documented might be fixed by the service pack. The list of issues will ...
KB3130926 - Cumulative Update 5 for SQL Server 2014 Service Pack 1
KB3130926 - Cumulative Update 5 for SQL Server 2014 Service Pack 1 This article describes cumulative update package 5 Build number: 12.0.4439.1 for Microsoft SQL Server 2014 Service Pack 1 SP1. This update contains fixes that were released after the release of SQL Server 2014 SP1. Cumulative upda...
Microsoft SQL Server Reporting Services 2016 ViewState deserialization vulnerability
Added: 09/25/2020 CVE: CVE-2020-0618 Background Microsoft SQL Server Reporting Services is a set of tools and services for creating, deploying, and managing mobile and paginated reports. Problem A deserialization vulnerability in Microsoft SQL Server Reporting Services 2016 allows a remote,...
Microsoft SQL Server Reporting Services 2016 ViewState deserialization vulnerability
Added: 09/25/2020 CVE: CVE-2020-0618 Background Microsoft SQL Server Reporting Services is a set of tools and services for creating, deploying, and managing mobile and paginated reports. Problem A deserialization vulnerability in Microsoft SQL Server Reporting Services 2016 allows a remote,...
Microsoft SQL Server Reporting Services 2016 ViewState deserialization vulnerability
Added: 09/25/2020 CVE: CVE-2020-0618 Background Microsoft SQL Server Reporting Services is a set of tools and services for creating, deploying, and managing mobile and paginated reports. Problem A deserialization vulnerability in Microsoft SQL Server Reporting Services 2016 allows a remote,...