66 matches found
n8n: SQL Injection in MySQL, PostgreSQL, and Microsoft SQL nodes
Impact: An authenticated user with permission to create or modify workflows and access to a database credential could unknowingly create a workflow that was vulnerable to SQL injection, even while expecting inputs to be handled safely through escaped parameters. By supplying specially crafted tabl...
EUVD-2025-206354
Exos 9300 instances are using a randomly generated database password to connect to the configured MSSQL server. The password is derived from static random values, which are concatenated to the hostname and a random string that can be read by every user from the registry. This allows an attacker t...
EUVD-2019-14310
Malware in sbrugna...
EUVD-2023-41994
Malicious code in bioql PyPI...
EUVD-2023-36315
Malicious code in bioql PyPI...
EUVD-2021-7103
Malicious code in bioql PyPI...
EUVD-2023-40382
Malicious code in bioql PyPI...
ansible-collection-microsoft-sql bug fix and enhancement update
An update is available for ansible-collection-microsoft-sql. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release,...
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. "Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product's default credentials,"...
HTTP Microsoft SQL Injection Table XSS Infection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Microsoft SQL Injection Table XSS Infection', 'Description' = %q This module implements the mass SQL injection attack in use lately by...
GO-2023-1685 HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File in github.com/hashicorp/vault
How to Change Initial Management Port for Veeam Plug-ins for Enterprise Applications
Purpose: This article documents how to change the default port used by the Plugin Manager (6791) for Veeam Plug-ins for Enterprise Applications: Veeam Plug-in for SAP HANA, Veeam Plug-in for Oracle RMAN, Veeam Plug-in for SAP on Oracle, Veeam Plug-in for Microsoft SQL Server, Veeam Plug-in for IBM Db2...
RHEL 9 : .NET 8.0 (RHSA-2024:0152)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0152 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...
Legba - A Multiprotocol Credentials Bruteforcer / Password Sprayer And Enumerator
Legba is a multiprotocol credentials bruteforcer / password sprayer and enumerator built with Rust and the Tokio asynchronous runtime in order to achieve better performance and stability while consuming fewer resources than similar tools (see the benchmark below). For the building instructions, usa...
Remote code execution
Microsoft SQL OLE DB Remote Code Execution Vulnerability...
CVE-2023-36417 Microsoft SQL OLE DB Remote Code Execution Vulnerability
CVE-2023-38169
Microsoft SQL OLE DB Remote Code Execution Vulnerability...
Remote code execution
Microsoft SQL OLE DB Remote Code Execution Vulnerability...
CVE-2023-32028
Microsoft SQL OLE DB Remote Code Execution Vulnerability...