CVE-2016-7270

CVE-2016-7270 affects the Data Provider for SQL Server in Microsoft .NET Framework 4.6.2. The vulnerability arises from mishandling a developer-supplied key, allowing remote attackers to bypass Always Encrypted and obtain sensitive cleartext data. Impact is information disclosure due to key guess...

Upgrade Fails With “Unable to use database VeeamBackup, because it has an unsupported compatibility level”

Challenge When attempting to upgrade Veeam Backup & Replication software, the following error occurs: Unable to use database VeeamBackup, because it has an unsupported compatibility level SQL Server 2012 or later is required. Cause The database being used for the upgrade is either running on an...

.NET Framework Information Disclosure Vulnerability

An information disclosure vulnerability exists in Microsoft .NET 4.6.2 Framework’s Data Provider for SQL Server that could allow an attacker to access information that should be defended by the Always Encrypted feature. The vulnerability is caused when .NET Framework improperly uses a...

MS16-155: Security Update for .NET Framework (3205640)

The remote Windows host is missing a security update. It is, therefore, affected by an information disclosure vulnerability in the .NET Framework Data Provider for SQL Server due to improper handling of developer-supplied keys. An unauthenticated, remote attacker can exploit this to disclose...

KLA10925 Information Disclosure vulnerability in Microsoft .NET Framework 4.6.2

Mishandling of a developer-supplied key was found in Microsoft .NET 4.6.2 Framework’s Data Provider for SQL Server. By exploiting this vulnerability malicious users can obtain sensitive cleartext information. This vulnerability can be exploited remotely via leveraging key guessability. Original...

Microsoft SQL Server 2012 SP1 11.0.3300.0 through 11.0.3492.0 Multiple Vulnerabilities (3045317)

Binary data 9819.prm...

Microsoft SQL Server 2008 SP4 10.0.6500.0 through 10.0.6526.0 Multiple Vulnerabilities (3045308)

Binary data 9816.prm...

Microsoft SQL Server 2008 R2 SP2 10.50.4251.0 through 10.50.4331.0 Multiple Vulnerabilities (3045312)

Binary data 9817.prm...

Microsoft SQL Server 2014 12.0.2254.0 through 12.0.2546.0 Multiple Vulnerabilities (3045324)

Binary data 9828.prm...

Microsoft SQL Server 2008 SP3 10.0.5500.0 through 10.0.5520.0 Multiple Vulnerabilities (3045305)

Binary data 9815.prm...

Microsoft SQL Server 2012 SP3 11.0.6020.0 through 11.0.6247.0 Multiple Privilege Escalation (3194721)

Binary data 9811.prm...

Microsoft SQL Server 2014 SP1 12.0.4100.0 through 12.0.4231.0 Privilege Escalation (3194720)

Binary data 9812.prm...

Microsoft SQL Server 2014 SP2 12.0.5000.0 through 12.0.5202.0 Privilege Escalation (3194714)

Binary data 9813.prm...

Microsoft SQL Server 2016 13.0.1605.0 through 13.0.1721.0 Multiple Privilege Escalation (3194716)

Binary data 9814.prm...

Microsoft SQL Server 2008 R2 SP3 10.50.6500.0 through 10.50.6525.0 Multiple Vulnerabilities (3045314)

Binary data 9818.prm...

Microsoft SQL Server 2012 SP2 11.0.5058.0 through 11.0.5387.0 Multiple Privilege Escalation (3194719)

Binary data 9810.prm...

Microsoft SQL Server 2012 SP2 11.0.5500.0 through 11.0.5592.0 Multiple Vulnerabilities (3045319)

Binary data 9827.prm...

BlackStratus LOGStorm 4.5.1.354.5.1.96 - Remote Code Execution

BlackStratus LOGStorm 4.5.1.354.5.1.96 - Remote Code Execution !/usr/bin/python logstorm-root.py BlackStratus LOGStorm Remote Root Exploit Jeremy Brown jbrown3264/gmail Dec 2016 -Synopsis- "Better Security and Compliance for Any Size Business" BlackStratus LOGStorm has multiple vulnerabilities th...

php: odbc_bindcols function mishandles driver behavior for SQL_WVARCHAR columns

The odbcbindcols function in ext/odbc/phpodbc.c in PHP before 5.6.12 mishandles driver behavior for SQLWVARCHAR columns, which allows remote attackers to cause a denial of service application crash in opportunistic circumstances by leveraging use of the odbcfetcharray function to access a certain...

Microsoft SQL Server Multiple Vulnerabilities (MS16-136)

Microsoft SQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...