CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4530 matches found

Tenable Nessus•added 2023/07/26 12:0 a.m.•237 views

Security Updates for Microsoft SQL Server ODBC Driver (June 2023)

The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for...

7.8CVSS8.5AI score0.00722EPSS

Exploits0References6

Prion•added 2023/07/22 5:15 p.m.•15 views

Design/Logic Flaw

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

3.3CVSS5AI score0.00432EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/07/22 12:0 a.m.•13 views

CVE-2023-38195

6.6AI score0.00432EPSS

Exploits0References1

CVE•added 2023/07/22 12:0 a.m.•59 views

CVE-2023-38195

Datalust Seq versions prior to 2023.2.9489 are affected. The issue allows insertion of sensitive information into externally accessible files or directories when external metadata storage (SQL Server or PostgreSQL) is used, and exploitation requires a high-privilege user. Remediation: upgrade to ...

4.9CVSS5AI score0.00432EPSS

Exploits0References1Affected Software1

Hewlett-Packard•added 2023/07/20 12:0 a.m.•28 views

HP Security Manager and Web Jetadmin - Potential remote code execution

HP Security Manager and Web Jetadmin may potentially be vulnerable to Remote Code Execution when using certain versions of Microsoft SQL Server Express. For additional information regarding the potential vulnerability and Microsoft SQL security patches for existing installations, please visit the...

8.8CVSS8.2AI score0.06153EPSS

Exploits0

Veeam•added 2023/07/14 12:0 a.m.•45 views

Build Numbers and Versions of Veeam Plug-ins for Enterprise Applications

Plug-In Download The latest version of all Plug-Ins for Enterprise Applications can be found at the bottom of the My Products page within the My Portal, in the Application Plug-Ins under Additional downloads. View by Plug-in Build Number View by Veeam Backup & Replication Release This table lists...

5.6AI score

Exploits0Affected Software1

BDU FSTEC•added 2023/07/11 12:0 a.m.•4 views

The vulnerability of the Microsoft ODBC Driver for SQL Server’s dynamic layout library, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft ODBC Driver for SQL Server’s dynamic layout library is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.7AI score0.00722EPSS

Exploits0References2Affected Software1

BDU FSTEC•added 2023/07/06 12:0 a.m.•5 views

The vulnerability of the Microsoft ODBC Driver for SQL Server’s dynamic layout library, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

7.8CVSS7.7AI score0.00603EPSS

Exploits0References2Affected Software1

BDU FSTEC•added 2023/07/06 12:0 a.m.•3 views

The vulnerability of the OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.8CVSS7.7AI score0.00722EPSS

Exploits0References2Affected Software1

IBM Security Bulletins•added 2023/06/27 7:36 p.m.•30 views

Security Bulletin: A vulnerability in the Oracle Data Provider may affect IBM Robotic Process Automation and result in an attacker gaining elevated privileges (CVE-2023-21893).

Summary Oracle Data Provider is used by IBM Robotic Process Automation as part of SQL Server database connectivity. CVE-2023-21893. Vulnerability Details CVEID:CVE-2023-21893 DESCRIPTION: Oracle Database Server could allow a remote attacker to gain elevated privileges on the system, caused by an...

7.5CVSS8AI score0.00594EPSS

Exploits0Affected Software1

0day.today•added 2023/06/26 12:0 a.m.•512 views

MOVEit SQL Injection Exploit

This Metasploit module exploits an SQL injection vulnerability in the MOVEit Transfer web application that allows an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker can levera...

9.8CVSS8.2AI score0.99934EPSS

Exploits15