CVE-2024-28934

CVE-2024-28934 refers to a remote code execution vulnerability in the Microsoft ODBC Driver for SQL Server. The connected MS update advisories confirm fixes in the ODBC Driver components: Driver 17 (SQL Server ODBC Driver 17) updated to build 17.10.6.1 and Driver 18 updated to build 18.3.3.1, add...

CVE-2024-26195 DHCP Server Service Remote Code Execution Vulnerability

...

CVE-2024-29047

CVE-2024-29047 pertains to the Microsoft OLE DB Driver for SQL Server Remote Code Execution. Public docs confirm an RCE vulnerability affecting the OLE DB Driver family and identify related Microsoft security updates. The KB notes describe updates for Microsoft OLE DB Driver 18 for SQL Server (KB...

CVE-2024-28912 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

...

CVE-2024-21444 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

...

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

...

CVE-2024-21375

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

CVE-2024-21360

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

CVE-2024-21352

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

CVE-2024-21352 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

...

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

...

Theme Editor < 2.8 - Admin+ Arbitrary File Upload

Description The plugin is vulnerable to arbitrary file uploads which could allow users with administrator privileges or higher to upload arbitrary files on the affected site's server which may make remote code execution possible...

KB5032249: Windows Server 2012 R2 Security Update (November 2023)

The remote Windows host is missing security update 5032249. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-36402 - Windows Pragmatic General Multicast PGM Remote Code Execution Vulnerability...

CVE-2023-36785

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability...

CVE-2023-38182 Microsoft Exchange Server Remote Code Execution Vulnerability

...

KB5029308: Windows Server 2012 Security Update (August 2023)

The remote Windows host is missing security update 5029308. It is, therefore, affected by multiple vulnerabilities - Microsoft Message Queuing Remote Code Execution Vulnerability CVE-2023-35385, CVE-2023-36910, CVE-2023-36911 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution...

CVE-2023-32258 Session race condition remote code execution vulnerability

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

CVE-2023-32031 Microsoft Exchange Server Remote Code Execution Vulnerability

...

CVE-2023-34105 SRS has command injection vulnerability in demonstration api-server for HTTP callback.

SRS is a real-time video server supporting RTMP, WebRTC, HLS, HTTP-FLV, SRT, MPEG-DASH, and GB28181. Prior to versions 5.0.157, 5.0-b1, and 6.0.48, SRS's api-server server is vulnerable to a drive-by command injection. An attacker may send a request to the /api/v1/snapshots endpoint containing an...

Security Updates for Microsoft SharePoint Server Subscription Edition (May 2023)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A Sharepoint Server spoofing vulnerability. CVE-2023-24950 - A Sharepoint Server information disclosure vulnerability...