KLA50361 Multiple vulnerabilities in Microsoft SQL Server

Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft ODBC Driver for SQL Server can be exploited remotely to...

Progress MOVEit Transfer SQL Injection Vulnerability

Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker may be able to infer informati...

VulnCheck KEV: CVE-2023-34362

Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker may be able to infer...

Security Updates for Microsoft SQL Server OLE DB Driver (April 2023)

The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

Security Updates for Microsoft SQL Server (April 2023)

The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

Security Updates for Microsoft SQL Server (April 2023)

The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

Security Updates for Microsoft SQL Server ODBC Driver (April 2023)

The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

How to Collect Logs for Veeam Plug-in for Microsoft SQL Server

Purpose This article explains how to collect the logs required for a support case involving Veeam Plug-in for Microsoft SQL Server. Solution Quick Start Automated Veeam Plug-in for Microsoft SQL Server Log Collection If the Windows machines where Veeam Plug-in for Microsoft SQL Server is installe...

PT-2023-22785 · Archery · Archery

Name of the Vulnerable Software and Affected Versions: Archery affected versions not specified Description: The Archery project contains multiple SQL injection vulnerabilities that may allow an attacker to query the connected databases. User input coming from the db name in the sql/data...

CVE-2023-23384

Microsoft SQL Server Remote Code Execution Vulnerability...

Remote code execution

Microsoft SQL Server Remote Code Execution Vulnerability...

CVE-2023-23384

CVE-2023-23384 is described in the connected documents as a Microsoft SQL Server remote code execution vulnerability reachable over the network. Nessus plugin entries for April 2023 (SMB_NT_MS23_APR_MSSQL_REMOTE.NASL and SMB_NT_MS23_APR_MSSQL.NASL) confirm a remote code execution issue, with self...

January 10, 2023—KB5022287 (OS Build 22000.1455)

January 10, 2023—KB5022287 OS Build 22000.1455 Important: For Windows Recovery Environment WinRE devices, see the updated 1/20/23 Special instructions for Windows Recovery Environment WinRE devices in the How to get this update section to address security vulnerabilities in CVE-2022-41099. For...

Microsoft SQL Server Remote Code Execution Vulnerability

...

Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. The following products and versions are affected: Microsoft OLE DB Driver 18 for SQL Server,Microsoft OLE DB Driver 19 for SQL...

Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. The following products and editions are affected: Microsoft SQL Server 2008 for 32-bit Systems Service Pack 4 QFE, Microsoft SQL...

Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. The following products and versions are affected: Microsoft ODBC Driver 17 for SQL Server,Microsoft OLE DB Driver 18 for SQL...

KLA48844 Multiple vulnerabilities in Microsoft SQL Server

Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft SQL Server can be exploited remotely to execute arbitrary...

CVE-2023-0620

HashiCorp Vault and Vault Enterprise versions 0.8.0 through 1.13.1 are vulnerable to an SQL injection attack when configuring the Microsoft SQL MSSQL Database Storage Backend. When configuring the MSSQL plugin through the local, certain parameters are not sanitized when passed to the user-provide...

CVE-2023-0620 Vault Vulnerable to SQL Injection When Configuring the Microsoft SQL Database Storage Backend

HashiCorp Vault and Vault Enterprise versions 0.8.0 through 1.13.1 are vulnerable to an SQL injection attack when configuring the Microsoft SQL MSSQL Database Storage Backend. When configuring the MSSQL plugin through the local, certain parameters are not sanitized when passed to the user-provide...