4418 matches found
CVE-2022-0859
McAfee Enterprise ePolicy Orchestrator ePO prior to 5.10 Update 13 allows a local attacker to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this the attacker would have to be logged onto the server hosting the ePO server restricted to...
CVE-2022-0859
McAfee Enterprise ePolicy Orchestrator ePO prior to 5.10 Update 13 allows a local attacker to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this the attacker would have to be logged onto the server hosting the ePO server restricted to...
Sql injection
McAfee Enterprise ePolicy Orchestrator ePO prior to 5.10 Update 13 allows a local attacker to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this the attacker would have to be logged onto the server hosting the ePO server restricted to...
CVE-2022-0859 ePO database restoration vulnerability
McAfee Enterprise ePolicy Orchestrator ePO prior to 5.10 Update 13 allows a local attacker to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this the attacker would have to be logged onto the server hosting the ePO server restricted to...
CVE-2022-0859
CVE-2022-0859 affects McAfee Enterprise ePolicy Orchestrator (ePO) versions prior to 5.10 Update 13. The vulnerability allows a local attacker who is on the server hosting ePO (administrators) and who knows the SQL password to point the ePO server to an arbitrary SQL server during the restoration...
PT-2022-13478 · Mcafee · Mcafee Enterprise Epolicy Orchestrator
Name of the Vulnerable Software and Affected Versions: McAfee Enterprise ePolicy Orchestrator ePO versions prior to 5.10 Update 13 Description: The issue allows a local attacker to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. This can be achieved if the...
mysql: InnoDB unspecified vulnerability (CPU Apr 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Hackers Backdoor Unpatched Microsoft SQL Database Servers with Cobalt Strike
Vulnerable internet-facing Microsoft SQL MS SQL Servers are being targeted by threat actors as part of a new campaign to deploy the Cobalt Strike adversary simulation tool on compromised hosts. "Attacks that target MS SQL servers include attacks to the environment where its vulnerability has not...
Security Updates for Microsoft SQL Server (February 2022)
The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by a privilege escalation vulnerability that exists in Microsoft SQL Server 2019 Linux container images. An unauthenticated, local attacker could exploit this to elevate privileges...
MGASA-2022-0056 Updated php-adodb packages fix security vulnerability
Security hotfix release addressing a critical vulnerability in PostgreSQL connections CVE-2021-3850 Additional fixes: Fix usage of getmagic functions 619 657 Fix PHP warning in rs2rs function 679 pdo: Fix Fatal error in query 666 pdo: Fix undefined variable 678 pgsql: Fix Fatal error in close...
Updated php-adodb packages fix security vulnerability
Security hotfix release addressing a critical vulnerability in PostgreSQL connections CVE-2021-3850 Additional fixes: Fix usage of getmagic functions 619 657 Fix PHP warning in rs2rs function 679 pdo: Fix Fatal error in query 666 pdo: Fix undefined variable 678 pgsql: Fix Fatal error in close...
Microsoft SQL Server 2019 for Linux Containers权限提升漏洞
Microsoft SQL Server is a large commercial database system used under Microsoft Windows from Microsoft Corporation Microsoft. Details are not available at this time...
CVE-2022-23276
SQL Server for Linux Containers Elevation of Privilege Vulnerability...
Privilege escalation
SQL Server for Linux Containers Elevation of Privilege Vulnerability...
CVE-2022-23276
CVE-2022-23276 is a local privilege-escalation vulnerability affecting SQL Server 2019 on Linux container images . Connected sources confirm the issue resides in the Linux container deployment, not in SQL Server on bare metal/VM, and is specific to the container image lifecycle. The vulnerability...
CVE-2022-23276 SQL Server for Linux Containers Elevation of Privilege Vulnerability
...
Microsoft Patch Tuesday addresses a zero-day vulnerability in Windows Kernel
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here Microsoft addressed 51 vulnerabilities in the February 2022 patch Tuesday release, one of which was classified as a zero-day vulnerability. A remote attacker could exploit some of these vulnerabilities to gain control of a...
SQL Server for Linux Containers Elevation of Privilege Vulnerability
...
KB5010657 - Description of the security update for SQL Server 2019 GDR: February 8, 2022
KB5010657 - Description of the security update for SQL Server 2019 GDR: February 8, 2022 Summary This security update fixes an escalation of privileges vulnerability in a Linux virtual machine VM that's running Microsoft SQL Server 2019 Linux container images. To learn more about the problem, see...
KLA12455 Multiple vulnerabilities in Microsoft SQL Server
Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Microsoft Power BI can be exploited remotely ...