Lucene search
K

63 matches found

BDU FSTEC
BDU FSTEC
•added 2024/02/20 12:0 a.m.•13 views

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.3AI score0.01644EPSS
Exploits0References3
OSV
OSV
•added 2024/02/13 6:15 p.m.•4 views

CVE-2024-21391

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

8.8CVSS7.4AI score0.01628EPSS
Exploits0References1
OSV
OSV
•added 2024/02/13 6:15 p.m.•4 views

CVE-2024-21370

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

8.8CVSS7.4AI score0.01768EPSS
Exploits0References1
OSV
OSV
•added 2024/02/13 6:15 p.m.•2 views

CVE-2024-21359

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

8.8CVSS7.4AI score0.01644EPSS
Exploits0References1
CNNVD
CNNVD
•added 2024/02/13 12:0 a.m.•5 views

Microsoft WDAC OLE DB provider for SQL Security Vulnerability

Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft WDAC OLE DB provider for SQL. The following products and editions are affected: Windows 10 Version 21H2...

8.8CVSS7.2AI score0.01644EPSS
Exploits0References3
Positive Technologies
Positive Technologies
•added 2024/02/13 12:0 a.m.•4 views

PT-2024-2017 ¡ Microsoft ¡ Wdac Ole Db Provider For Sql Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft WDAC OLE DB provider for SQL Server affected versions not specified Description: The issue is related to numerical truncation errors in the Microsoft WDAC OLE DB provider for SQL Server. It allows remote attackers to execute arbitra...

10CVSS9.7AI score0.01628EPSS
Exploits0References8
Microsoft KB
Microsoft KB
•added 2024/01/09 8:0 a.m.•197 views

January 9, 2024—KB5034129 (OS Build 20348.2227)

None None...

8.8CVSS6.8AI score0.22773EPSS
Exploits9
Positive Technologies
Positive Technologies
•added 2023/10/10 12:0 a.m.•5 views

PT-2023-5983 ¡ Microsoft ¡ Wdac Ole Db Provider For Sql Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft WDAC OLE DB provider for SQL Server affected versions not specified Description: The issue is related to insufficient input validation in the Microsoft WDAC OLE DB provider for SQL Server component, which can be exploited by a remot...

10CVSS9.6AI score0.01738EPSS
Exploits0References8
Microsoft KB
Microsoft KB
•added 2023/09/12 7:0 a.m.•162 views

September 12, 2023—KB5030216 (OS Build 20348.1970)

None None...

8.8CVSS6.8AI score0.261EPSS
Exploits4
Microsoft KB
Microsoft KB
•added 2023/05/09 7:0 a.m.•192 views

May 9, 2023—KB5026370 (OS Build 20348.1726)

None None...

9.8CVSS6.8AI score0.94683EPSS
Exploits0
ATTACKERKB
ATTACKERKB
•added 2023/02/14 8:15 p.m.•2 views

CVE-2023-21799

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

8.8CVSS7.3AI score0.01188EPSS
Exploits0References2Affected Software22
ATTACKERKB
ATTACKERKB
•added 2023/02/14 8:15 p.m.•2 views

CVE-2023-21685

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

8.8CVSS7.3AI score0.01206EPSS
Exploits0References2Affected Software22
ATTACKERKB
ATTACKERKB
•added 2023/01/10 10:15 p.m.•4 views

CVE-2023-21681

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

8.8CVSS7.3AI score0.01376EPSS
Exploits0References3Affected Software25
OSV
OSV
•added 2023/01/10 10:15 p.m.•3 views

CVE-2023-21681

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

8.8CVSS7.4AI score0.01376EPSS
Exploits0References1
Malwarebytes
Malwarebytes
•added 2022/10/20 11:0 a.m.•14 views

Microsoft fixes driver blocklist placing users at risk from BYOVD attacks

There may be an all-new acronym for you to try and remember, as a result of Microsoft fixing a lingering issue. This issue is called Bring Your Own Vulnerable Driver BYOVD, and BYOVD has been popping up in various forms for the last few months. These attacks may have been less impactful if a...

7.2AI score
Exploits0
The Hacker News
The Hacker News
•added 2021/09/23 12:0 p.m.•68 views

A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit

Security researchers have disclosed an unpatched weakness in Microsoft Windows Platform Binary Table WPBT affecting all Windows-based devices since Windows 8 that could be potentially exploited to install a rootkit and compromise the integrity of devices. "These flaws make every Windows system...

2.1AI score
Exploits0
0day.today
0day.today
•added 2021/09/05 12:0 a.m.•548 views

Windows Defender Application Guard Denial Of Service Vulnerability

Windows Defender Application Guard also known as "WDAG", Microsoft Defender Application Guard, and "MDAG" can be closed by any script or website loaded in WDAG by redirecting the browser to a URL with a long hostname e.g, 10,000 characters long. This can cause a denial-of-service condition. Impac...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/09/03 12:0 a.m.•301 views

Windows Defender Application Guard Denial Of Service

Windows Defender Application Guard also known as "WDAG", Microsoft Defender Application Guard, and "MDAG" can be closed by any script or website loaded in WDAG by redirecting the browser to a URL with a long hostname e.g, 10,000 characters long. This can cause a denial-of-service condition. Impac...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
•added 2021/02/23 12:0 a.m.•6 views

The vulnerability of the application control tool: Windows Defender Application Control (WDAC), a PowerShell Core automation tool that allows attackers to gain unauthorized access to protected information.

The vulnerability of the application control tool, Windows Defender Application Control WDAC, a PowerShell Core automation tool, is related to security configuration errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected informati...

4.3CVSS7.5AI score0.02349EPSS
Exploits0References2
OSV
OSV
•added 2020/12/09 9:15 a.m.•6 views

CVE-2020-7337

Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise VSE prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of...

6.7CVSS6.6AI score0.00407EPSS
Exploits0References1
Rows per page
Query Builder