CVE-2023-36882 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

...

CVE-2023-36882 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

...

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

...

Security update 2023-08-08

...

KB5029308: Windows Server 2012 Security Update (August 2023)

The remote Windows host is missing security update 5029308. It is, therefore, affected by multiple vulnerabilities - Microsoft Message Queuing Remote Code Execution Vulnerability CVE-2023-35385, CVE-2023-36910, CVE-2023-36911 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution...

KB5029304: Windows Server 2012 R2 Security Update (August 2023)

The remote Windows host is missing security update 5029304. It is, therefore, affected by multiple vulnerabilities - Microsoft Message Queuing Remote Code Execution Vulnerability CVE-2023-35385, CVE-2023-36910, CVE-2023-36911 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution...

Microsoft ODBC Driver For SQL Server Installed (Linux)

Binary data microsoftodbcdriverforsqlservernixinstalled.nbin...

KB5029263: Windows 11 version 22H2 Security Update (August 2023)

The remote Windows host is missing security update 5029263. It is, therefore, affected by multiple vulnerabilities - Microsoft Message Queuing Remote Code Execution Vulnerability CVE-2023-35385, CVE-2023-36910, CVE-2023-36911 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution...

KLA51718 Multiple vulnerabilities in Microsoft SQL Server

A remote code execution vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2023-38169 Related products Microsoft-SQL-Server Microsoft-Windows CVE list CVE-2023-38169 critical KB list 5026806 5025808...

CVE-2023-34362 - a SQL injection vulnerability has been found in the MOVEit Transfer web application.

In Progress MOVEit Transfer before 2021.0.6 13.0.6, 2021.1.4 13.1.4, 2022.0.4 14.0.4, 2022.1.5 14.1.5, and 2023.0.1 15.0.1, a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database...

Security Updates for Microsoft SQL Server ODBC Driver (June 2023)

The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for...

Security Updates for Microsoft SQL Server OLE DB Driver (June 2023)

The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for...

Design/Logic Flaw

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

CVE-2023-38195

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external SQL Server or PostgreSQL metadata storage is used. Exploitation can only occur from a high-privileged user account...

CVE-2023-38195

Datalust Seq versions prior to 2023.2.9489 are affected. The issue allows insertion of sensitive information into externally accessible files or directories when external metadata storage (SQL Server or PostgreSQL) is used, and exploitation requires a high-privilege user. Remediation: upgrade to ...

HP Security Manager and Web Jetadmin - Potential remote code execution

HP Security Manager and Web Jetadmin may potentially be vulnerable to Remote Code Execution when using certain versions of Microsoft SQL Server Express. For additional information regarding the potential vulnerability and Microsoft SQL security patches for existing installations, please visit the...

Build Numbers and Versions of Veeam Plug-ins for Enterprise Applications

Plug-In Download The latest version of all Plug-Ins for Enterprise Applications can be found at the bottom of the My Products page within the My Portal, in the Application Plug-Ins under Additional downloads. View by Plug-in Build Number View by Veeam Backup & Replication Release This table lists...

Security Bulletin: A vulnerability in the Oracle Data Provider may affect IBM Robotic Process Automation and result in an attacker gaining elevated privileges (CVE-2023-21893).

Summary Oracle Data Provider is used by IBM Robotic Process Automation as part of SQL Server database connectivity. CVE-2023-21893. Vulnerability Details CVEID:CVE-2023-21893 DESCRIPTION: Oracle Database Server could allow a remote attacker to gain elevated privileges on the system, caused by an...

MOVEit SQL Injection Exploit

This Metasploit module exploits an SQL injection vulnerability in the MOVEit Transfer web application that allows an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker can levera...

CVE-2023-32027

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability...