The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
SQL Injection
laravel/framework is vulnerable to SQL Injection. The vulnerability is due to user input passed directly to the limit and offset functions in SQL Server, resulting in SQL injection...
GHSA-WQ8P-MQVG-2P5H laravel framework SQL Injection via limit and offset functions
Impact: Those using SQL Server with Laravel and allowing user input to be passed directly to the limit and offset functions are vulnerable to SQL injection. Other database drivers such as MySQL and Postgres are not affected by this vulnerability. Patches: This problem has been patched on Laravel...
CVE-2024-30006
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...
CVE-2024-30006
CVE-2024-30006 affects the Microsoft WDAC OLE DB provider for SQL Server and enables Remote Code Execution. The CVSS v3.1 base score is 8.8 (HIGH) with Network attack vector, Low attack complexity, and user interaction required. Some sources list it as a high-severity Windows vulnerability (score...
CVE-2024-30006 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
...
CVE-2024-27941
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected client systems do not properly sanitize input data before sending it to the SQL server. An attacker could use this vulnerability to compromise the whole database...
CVE-2024-27940
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any authenticated user to send arbitrary SQL commands to the SQL server. An attacker could use this vulnerability to compromise the whole database...
CVE-2024-27941
CVE-2024-27941 affects Siemens RUGGEDCOM CROSSBOW (all versions prior to V5.5). The root cause is improper input data sanitization before sending data to the SQL server, enabling SQL injection that could compromise the entire database. Public references from multiple sources corroborate a SQL inj...
PT-2024-3940 · Microsoft · Wdac Ole Db Provider For Sql Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft WDAC OLE DB provider for SQL Server (affected versions not specified). Description: The issue is related to a memory use after free condition. It allows remote attackers to execute arbitrary code on the system. Recommendations: At the...
KLA67433 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...
KLA67394 OSI vulnerability in Microsoft SQL Server
An information disclosure vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories: CVE-2024-30054. Related products: Microsoft-Power-BI. CVE list: CVE-2024-30054 (high). Solution: Install necessary updates from th...
KB5037763: Windows 10 Version 1607 / Windows Server 2016 Security Update (May 2024)
The remote Windows host is missing security update 5037763. It is, therefore, affected by multiple vulnerabilities:
- Windows MSHTML Platform Security Feature Bypass Vulnerability CVE-2024-30040
- Windows Common Log File System Driver Elevation of Privilege Vulnerability CVE-2024-29996,...