4529 matches found
KB5068407 - Description of the security update for SQL Server 2022 GDR: November 11, 2025
KB5068407 - Description of the security update for SQL Server 2022 GDR: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contains...
KB5068406 - Description of the security update for SQL Server 2022 CU21: November 11, 2025
KB5068406 - Description of the security update for SQL Server 2022 CU21: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information File information...
KB5068405 - Description of the security update for SQL Server 2019 GDR: November 11, 2025
KB5068405 - Description of the security update for SQL Server 2019 GDR: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contains...
Microsoft SQL Server SQL注入漏洞
Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is applied under the Microsoft Windows system. A SQL injection vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to elevate privileges. The following products and...
KLA90053 PE vulnerability in Microsoft SQL Server
An elevation of privilege vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-59499 Related products Microsoft-SQL-Server Microsoft-Azure CVE list CVE-2025-59499 critical KB list 5068405 5068403 5068401...
PT-2025-46453
Name of the Vulnerable Software and Affected Versions SQL Server affected versions not specified Description The software contains an SQL injection issue due to improper neutralization of special elements used in SQL commands. This allows an authorized attacker to elevate privileges over a networ...
[R1] Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities
R1 Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities Arnie Cabral Mon, 11/03/2025 - 09:50 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components .NET, SQL and curl were found to contain...
[R1] Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities
R1 Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities Arnie Cabral Mon, 11/03/2025 - 09:50 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components .NET, SQL and curl were found to contain...
CVE-2025-11177
The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in all versions up to, and including, 1.11.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
SQL Plugin Job Fails with Error: "Mandatory arguments not set" or "Starting retention policy task"
Challenge After the upgrade or installation of the patch for Veeam Backup & Replication 12.3.2.4165, existing Veeam Plug-In for Microsoft SQL jobs fail with the following error: Failed to backup database. Error: Mandatory arguments not set Session failed: Mandatory arguments not set. Starting...
CVE-2025-11177 External Login <= 1.11.2 - Unauthenticated SQL Injection via log
The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in all versions up to, and including, 1.11.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-11177 External Login <= 1.11.2 - Unauthenticated SQL Injection via log
The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in all versions up to, and including, 1.11.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
Vulnerability fixed in Microsoft SQL Server
Microsoft has fixed a vulnerability in the JDBC driver for SQL Server. A malicious party could exploit the vulnerability to gain access to sensitive data, such as login credentials, through a Server-in-the-Middle attack. For successful exploitation, the malicious party must trick the victim into...
EUVD-2025-34375
Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network...
Improper Validation of Certificate with Host Mismatch
Overview Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch via the parseCommonName method . An attacker can gain unauthorized access or impersonate users by crafting malicious X.509 certificates that bypass hostname validation through...
CVE-2025-59250
Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-59250
Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-59250 JDBC Driver for SQL Server Spoofing Vulnerability
...
CVE-2025-59250
CVE-2025-59250: IBM bulletin shows this CVE as an issue of improper input validation in the JDBC Driver for SQL Server, enabling spoofing over the network. The connected document confirms the vulnerability exists with a base score of 8.1 (HIGH) and network attack vector but does not provide produ...
CVE-2025-59250 JDBC Driver for SQL Server Spoofing Vulnerability
...