4418 matches found
KLA61355 Multiple vulnerabilities in Microsoft SQL Server
Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft ODBC Driver for SQL Server can be...
Microsoft SQL Server Security Vulnerability
Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. An attacker has exploited the vulnerability to cause a denial of service on the system. The following products and versions are...
PT-2023-5971 · Microsoft · Sql Server
Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server affected versions not specified Description: The issue is related to insufficient input validation in the OLE DB driver for Microsoft SQL Server, which can be exploited to execute arbitrary code. This allows an attacker t...
KB5031358: Windows 11 version 21H2 Security Update (October 2023)
The remote Windows host is missing security update 5031358. It is, therefore, affected by multiple vulnerabilities - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through...
KB5031362: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2023)
The remote Windows host is missing security update 5031362. It is, therefore, affected by multiple vulnerabilities - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through...
Microsoft ODBC Driver Security Vulnerability
Microsoft ODBC Driver is a driver from Microsoft. It allows applications to access data in a database management system DBMS using SQL as the standard for accessing data. A security vulnerability exists in Microsoft ODBC Driver. An attacker could exploit the vulnerability to remotely execute code...
KB5031411: Windows Server 2008 Security Update (October 2023)
The remote Windows host is missing security update 5031411. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-36577 - Windows IIS Server Elevation of Privilege Vulnerability CVE-2023-36434 - Microsof...
Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance
Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through an SQL Server instance. "The attackers initially exploited a SQL injection vulnerability in an application within the target's environment," security researchers...
Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement
Microsoft security researchers recently identified a campaign where attackers attempted to move laterally to a cloud environment through a SQL Server instance. This attack technique demonstrates an approach weve seen in other cloud services such as VMs and Kubernetes cluster, but not in SQL Serve...
Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement
Microsoft security researchers recently identified a campaign where attackers attempted to move laterally to a cloud environment through a SQL Server instance. This attack technique demonstrates an approach weve seen in other cloud services such as VMs and Kubernetes cluster, but not in SQL Serve...
Gym Management System Code Issue Vulnerability
Gym Management System is a gym management system. The system is developed in C and sql server and features customer and vendor management, product management, sales management, gym membership management, fitness assessment, system logging, database backup and restore. A code issue exists in Gym...
PVS server cannot logon database with Error "The Login is from an Untrusted Domain and Cannot ..."
PVS server console cannot be launched with error: "The database login failed." SQL server log error: "Login failed. The login is from an untrusted domain and cannot be used with Integrated authentication." "SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection...
How to upgrade the SQL Server LocalDB (required for LHC) on the controllers
How to upgrade the local sql DB on the DDC's...
You do not have permission to create/update the database “” on Server “” during CVAD site setup
Studio UI Error You do not have permission to create/update the database “DATABASE” on server “SQLSERVER\InstanceName, Port”. Provide credentials for an account with that permission during site setup for Always-On SQL Server Windows Event ID 36884 The certificate received from the remote server...
How to Connect the SQL Server Using a Specific Port in Citrix Session Recording Server
This article is designed to describe how to connect the SQL Server using a specific port in Citrix Session Recording Server...
Security Updates for Microsoft SQL Server ODBC Driver (August 2023)
The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connec...
Microsoft ODBC Driver for SQL Server Installed (macOS)
Binary data microsoftodbcdriverforsqlservermacinstalled.nbin...
CVE-2023-36882
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...
Remote code execution
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...
CVE-2023-36882
CVE-2023-36882 concerns Microsoft WDAC OLE DB provider for SQL Server, enabling Remote Code Execution. The NVD details show a network-based exploitable flaw with CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, score 8.8 (HIGH). Root cause and affected versions are not fully enumerated in the prov...