4418 matches found
KLA20230 Multiple vulnerabilities in Microsoft SQL Server
Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft SQL Server can be exploited remotely t...
KB5022858: Windows 10 LTS 1507 Security Update (February 2023)
The remote Windows host is missing security update 5022858. It is, therefore, affected by multiple vulnerabilities - Windows iSCSI Discovery Service Remote Code Execution Vulnerability CVE-2023-21803 - Microsoft PostScript Printer Driver Remote Code Execution Vulnerability CVE-2023-21684,...
Ghauri - An Advanced Cross-Platform Tool That Automates The Process Of Detecting And Exploiting SQL Injection Security Flaws
An advanced cross-platform tool that automates the process of detecting andexploiting SQL injection security flaws Requirements Python 3 Python pip3 Installation cd to ghauri directory. install requirements: python3 -m pip install --upgrade -r requirements.txt run: python3 setup.py install or...
CVE-2023-21681
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...
CVE-2023-21681
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...
CVE-2023-21681
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...
Remote code execution
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...
January 10, 2023—KB5022353 (Security-only update)
January 10, 2023—KB5022353 Security-only update Summary Learn more about this security-only update, including improvements, any known issues, and how to get the update. REMINDER Windows Server 2008 Service Pack 2 SP2 has reached the end of mainstream support and are now in extended support...
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
...
KB5022346: Windows 8.1 Embedded and Windows Server 2012 R2 Security Update (January 2023)
The remote Windows host is missing security update 5022346. It is, therefore, affected by multiple vulnerabilities - Microsoft ODBC Driver Remote Code Execution Vulnerability CVE-2023-21732 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-21681 - Window...
KB5022289: Windows 10 Version 1607 and Windows Server 2016 Security Update (January 2023)
The remote Windows host is missing security update 5022289. It is, therefore, affected by multiple vulnerabilities - Microsoft ODBC Driver Remote Code Execution Vulnerability CVE-2023-21732 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-21681 - Window...
KB5022282: Windows 10 Version 20H2 / Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (January 2023)
The remote Windows host is missing security update 5022282. It is, therefore, affected by multiple vulnerabilities - Microsoft ODBC Driver Remote Code Execution Vulnerability CVE-2023-21732 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-21681 - Window...
KB5022339: Windows Server 2008 R2 Security Update (January 2023)
The remote Windows host is missing security update 5022339. It is, therefore, affected by multiple vulnerabilities - Microsoft ODBC Driver Remote Code Execution Vulnerability CVE-2023-21732 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-21681 -...
CVE-2023-21681 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
...
CVE-2023-21681
Technical details about CVE-2023-21681 are not present in the provided connected documents. The supplied items cover generic Microsoft KB updates and an unrelated ENISA entry; monitor for updates and future technical disclosures.
CVE-2022-44014
An issue was discovered in Simmeth Lieferantenmanager before 5.6. In the design of the API, a user is inherently able to fetch arbitrary SQL tables. This leaks all user passwords and MSSQL hashes via /DS/LMAPI/api/SelectionService/GetPaggedTab...
CVE-2022-44015
An issue was discovered in Simmeth Lieferantenmanager before 5.6. An attacker can inject raw SQL queries. By activating MSSQL features, the attacker is able to execute arbitrary commands on the MSSQL server via the xpcmdshell extended procedure...
Siemens SICAM PAS/PQS Sensitive Information Plaintext Transfer Vulnerability
Siemens SICAM PAS/PQS is a software from Siemens with an operating system for energy automation and power quality. A security vulnerability exists in Siemens SICAM PAS/PQS versions prior to V7.0 due to the affected software transmitting database credentials for the built-in SQL server in clear...
CVE-2022-43724
A vulnerability has been identified in SICAM PAS/PQS All versions V7.0. Affected software transmits the database credentials for the inbuilt SQL server in cleartext. In combination with the by default enabled xpcmdshell feature unauthenticated remote attackers could execute custom OS commands. At...
December 13, 2022—KB5021243 (OS Build 10240.19624) - EXPIRED
December 13, 2022—KB5021243 OS Build 10240.19624 - EXPIRED EXPIRATION NOTICEIMPORTANT As of January 27, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 12/8/20 For...