
4530 matches found

hivepro
added 2022/02/09 1:44 p.m. | 37 views

Microsoft Patch Tuesday addresses a zero-day vulnerability in Windows Kernel

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Microsoft addressed 51 vulnerabilities in the February 2022 Patch Tuesday release, one of which was classified as a zero-day vulnerability. A remote attacker could exploit some of these vulnerabilities to gain control of a...

6.9 CVSS | 0.3 AI score | 0.03193 EPSS
Exploits: 0
Microsoft KB
added 2022/02/08 8:0 a.m. | 143 views

KB5010657 - Description of the security update for SQL Server 2019 GDR: February 8, 2022

KB5010657 - Description of the security update for SQL Server 2019 GDR: February 8, 2022 Summary This security update fixes an escalation of privileges vulnerability in a Linux virtual machine VM that's running Microsoft SQL Server 2019 Linux container images. To learn more about the problem, see...

7.8 CVSS | 8 AI score | 0.00525 EPSS
Exploits: 0
Microsoft CVE
added 2022/02/08 8:0 a.m. | 43 views

SQL Server for Linux Containers Elevation of Privilege Vulnerability

...

7.8 CVSS | 7.9 AI score | 0.00525 EPSS
Exploits: 0
Kaspersky
added 2022/02/08 12:0 a.m. | 40 views

KLA12455 Multiple vulnerabilities in Microsoft SQL Server

Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Microsoft Power BI can be exploited remotely ...

7.8 CVSS | 7 AI score | 0.02389 EPSS
Exploits: 0 | References: 5
NCSC
added 2022/02/08 12:0 a.m. | 5 views

Vulnerabilities fixed in Microsoft SQL Server and Power BI

Microsoft has fixed vulnerabilities in Microsoft SQL Server and Power BI. The vulnerabilities allow a malicious party to obtain elevated user privileges. SQL Server: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...

7.8 CVSS | 7.1 AI score | 0.02389 EPSS
Exploits: 0
Veeam
added 2022/02/04 12:0 a.m. | 82 views

Veeam Service Provider Console fails to connect to restored VSPC database due to collation conflict

Challenge When attempting to connect Veeam Service Provider Console to an existing VSPC database the following error occurs: Implicit conversion of varchar value to varchar cannot be performed because the collation of the value is unresolved due to a collation conflict between "" and "" in add...

7.4 AI score
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2022/02/01 11:37 a.m. | 29 views

Security Bulletin: A security vulnerability has been identified in the IBM Spectrum Protect Client that affects multiple IBM Spectrum Protect products (CVE-2018-1786)

Summary: The IBM Spectrum Protect (formerly Tivoli Storage Manager) Client/API is used as a component of IBM Spectrum Protect Snapshot (formerly Tivoli Storage FlashCopy Manager) for Windows, IBM Spectrum Protect for Databases, and IBM Spectrum Protect for Mail. Information about a security vulnerabili...

7.5 CVSS | 2.9 AI score | 0.02425 EPSS
Exploits: 0 | Affected Software: 6
Kitploit
added 2022/01/26 11:30 a.m. | 45 views

Xolo - Tool To Crawl, Visualize And Interact With SQL Server Links In A D3 Graph

Author: ET Lownoise Version: 1.0 Tool to crawl, visualize and interact with SQL server links in a d3 graph to help in your red/blue/purple/.../risk assessments pentest hacking team exercises. Requirements: Requests==2.18.4 Flask==0.12.2 Json Pypyodbc beautifulsoup4==4.6.0 lxml==4.1.0 Example: pip...

7.9 AI score
Exploits: 0 | References: 2
CNVD
added 2022/01/24 12:0 a.m. | 21 views

Mitsubishi Electric MC Works64 Buffer Overflow Vulnerability

Mitsubishi Electric MC Works64 is a data acquisition and monitoring system SCADA from Mitsubishi Electric Japan. A security vulnerability exists in Mitsubishi Electric MC Works64 that stems from a coding error in the SQL query engine memory allocation code that makes it possible to execute a seri...

5.5 CVSS | 6 AI score | 0.01004 EPSS
Exploits: 0 | References: 1
CNNVD
added 2022/01/19 12:0 a.m. | 4 views

Oracle MySQL Input Validation Error Vulnerability

Oracle MySQL Server is a relational database from Oracle Corporation. An input validation error vulnerability exists in MySQL Server, which originates from an input validation error in the Server: Optimizer component in MySQL Server. An attacker can exploit the vulnerability to corrupt or delete...

6.3 CVSS | 7.9 AI score | 0.02686 EPSS
Exploits: 0 | References: 7
OSV
added 2022/01/13 6:15 p.m. | 3 views

CVE-2021-39056

The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic Remote SQL server EDRSQL could allow a remote authenticated user to send a specially crafted request and cause a denial of service. IBM X-Force ID: 214537...

6.5 CVSS | 5.9 AI score
Exploits: 0 | References: 2
Prion
added 2022/01/13 6:15 p.m. | 17 views

Design/Logic Flaw

The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic Remote SQL server EDRSQL could allow a remote authenticated user to send a specially crafted request and cause a denial of service. IBM X-Force ID: 214537...

4 CVSS | 6.5 AI score | 0.01311 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2022/01/13 6:5 p.m. | 14 views

CVE-2021-39056

The IBM i 7.1, 7.2, 7.3, and 7.4 Extended Dynamic Remote SQL server EDRSQL could allow a remote authenticated user to send a specially crafted request and cause a denial of service. IBM X-Force ID: 214537...

6.5 CVSS | 6.6 AI score | 0.01311 EPSS
Exploits: 0 | References: 2
CNNVD
added 2022/01/13 12:0 a.m. | 3 views

IBM i Security Vulnerability

IBM i is a set of operating systems from IBM USA running in IBM Power Systems and IBM PureSystems. IBM i 7.1, 7.2, 7.3 and 7.4 Extended Dynamic Remote SQL server EDRSQL has a security vulnerability that could be exploited by an attacker to send specially designed requests to a remotely...

6.5 CVSS | 5.9 AI score | 0.01311 EPSS
Exploits: 0 | References: 4
Microsoft KB
added 2022/01/11 8:0 a.m. | 75 views

Description of the security update for SharePoint Server Subscription Edition: January 11, 2022 (KB5002111)

Description of the security update for SharePoint Server Subscription Edition: January 11, 2022 KB5002111 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft Office remote code execution vulnerability. To learn more about the...

9 CVSS | 10 AI score | 0.03115 EPSS
Exploits: 0
Veeam
added 2021/12/20 12:0 a.m. | 16 views

Veeam Agent for Microsoft Windows 5.0 Can’t Be Started or Installed After Upgrade to Windows 11

Challenge After upgrading to Windows 11, the Veeam Agent for Microsoft Windows service may fail to start. The following errors can be found in C:\ProgramData\Veeam\Endpoint\Svc.VeeamEndpointBackup.log: Error Failed to start service. Error Error occurred during LocalDB instance startup: SQL Server...

7.3 AI score
Exploits: 0 | Affected Software: 1
Kaspersky
added 2021/12/16 12:0 a.m. | 434 views

KLA12395 RCE vulnerability in Microsoft SQL Server

Remote code execution vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-44228 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malwar...

10 CVSS | 10 AI score | 0.99999 EPSS
Exploits: 347 | References: 4
Rapid7 Blog
added 2021/12/06 3:23 p.m. | 20 views

InsightCloudSec Supports 12 New AWS Services Announced at re:Invent

In case you didn’t hear, Amazon hosted AWS re:Invent in Las Vegas last week. As has come to be expected at the annual mega-event, Amazon made a number of huge announcements and launched a significant number of improvements and brand-new services and settings to enhance their public cloud platform...

7.5 AI score
Exploits: 0
Tenable Nessus
added 2021/11/20 12:0 a.m. | 23 views

Debian DLA-2824-1 : firebird3.0 - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2824 advisory. - An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. CVE-2017-11509 Note th...

9 CVSS | 8.6 AI score | 0.06224 EPSS
Exploits: 1 | References: 5
IBM Security Bulletins
added 2021/11/12 8:30 p.m. | 37 views

Security Bulletin: PostgreSQL vulnerabilities in IBM Robotic Process Automation with Automation Anywhere - CVE-2021-32028

Summary IBM Robotic Process Automation with Automation Anywhere is vulnerable to attacks involving PostgreSQL. Vulnerability Details CVEID: CVE-2021-32028 DESCRIPTION: PostgreSQL could allow a remote authenticated attacker to obtain sensitive information, caused by a memory disclosure vulnerabili...

6.5 CVSS | 1.9 AI score | 0.01449 EPSS
Exploits: 0 | Affected Software: 1