1377 matches found
Gh0stCringe RAT makes database servers squeal for protection
Researchers have found that the Gh0stCringe RAT is infecting Microsoft SQL and MySQL, and seems to focus on servers with weak protection. The Gh0stCringe RAT communicates with a command and control C&C server to receive instructions and is capable of exfiltrating information. SQL SQL is short for...
VulnCheck KEV: CVE-2021-1636
Microsoft SQL Elevation of Privilege Vulnerability...
Hackers Backdoor Unpatched Microsoft SQL Database Servers with Cobalt Strike
Vulnerable internet-facing Microsoft SQL MS SQL Servers are being targeted by threat actors as part of a new campaign to deploy the Cobalt Strike adversary simulation tool on compromised hosts. "Attacks that target MS SQL servers include attacks to the environment where its vulnerability has not...
Security Updates for Microsoft SQL Server (February 2022)
The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by a privilege escalation vulnerability that exists in Microsoft SQL Server 2019 Linux container images. An unauthenticated, local attacker could exploit this to elevate privileges...
Microsoft SQL Server 2019 for Linux Containers权限提升漏洞
Microsoft SQL Server is a large commercial database system used under Microsoft Windows from Microsoft Corporation Microsoft. Details are not available at this time...
KLA12455 Multiple vulnerabilities in Microsoft SQL Server
Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Microsoft Power BI can be exploited remotely ...
Security Bulletin: A security vulnerability has been identified in the IBM Spectrum Protect Client that affects multiple IBM Spectrum Protect products (CVE-2018-1786)
Summary The IBM Spectrum Protect formerly Tivoli Storage Manger Client/API is used as a component of IBM Spectrum Protect Snapshot formerly Tivoli Storage FlashCopy Manager for Windows, IBM Spectrum Protect for Databases, and IBM Spectrum Protect for Mail. Information about a security vulnerabili...
KLA12395 RCE vulnerability in Microsoft SQL Server
Remote code execution vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2021-44228 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malwar...
Security Bulletin: PostgreSQL vulnerabilities in IBM Robotic Process Automation with Automation Anywhere - CVE-2021-32028
Summary IBM Robotic Process Automation with Automation Anywhere is vulnerable to attacks involving PostgreSQL. Vulnerability Details CVEID: CVE-2021-32028 DESCRIPTION: PostgreSQL could allow a remote authenticated attacker to obtain sensitive information, caused by a memory disclosure vulnerabili...
new packages: ansible-collection-microsoft-sql
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
ALEA-2021:4283 new packages: ansible-collection-microsoft-sql
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
new packages: ansible-collection-microsoft-sql
An update is available for ansible-collection-microsoft-sql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release,...
KLA12344 SUI vulnerability in Microsoft SQL Server
A spoofing vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2021-41372 Related products Microsoft-Power-BI CVE list CVE-2021-41372 critical KB list 5007903 Solution Install necessary updates from the K...
Vulnerability fixed in Microsoft SQL Server
Microsoft has fixed a vulnerability in Microsoft SQL Server. The vulnerability allows a malicious party to launch Cross-Site Scripting XSS and Cross-Site Request Forgery CSRF attack. execute. By combining the two methods, an attacker can execute arbitrary code on the server under the privileges o...
Build Smart ERP 21.0817 - (eidValue) SQL Injection Vulnerability
Exploit Title: Build Smart ERP 21.0817 - 'eidValue' SQL Injection Unauthenticated Exploit Author: Nehru Sethuraman Vendor Homepage: https://ribccs.com/solutions/solution-buildsmart Version: 21.0817 Build: 3 Google Dorks: intitle:buildsmart accounting Tested on: OS - Windows 2012 R2 or 8.1 &...
Build Smart ERP 21.0817 SQL Injection
Exploit Title: Build Smart ERP 21.0817 - 'eidValue' SQL Injection Unauthenticated Date: 24/10/2021 Exploit Author: Nehru Sethuraman Vendor Homepage: https://ribccs.com/solutions/solution-buildsmart Version: 21.0817 Build: 3 Google Dorks: intitle:buildsmart accounting Tested on: OS - Windows 2012 ...
CVE-2021-33583
REINER timeCard 6.05.07 installs a Microsoft SQL Server with an sa password that is hardcoded in the TCServer.jar file...
Hardcoded credentials
REINER timeCard 6.05.07 installs a Microsoft SQL Server with an sa password that is hardcoded in the TCServer.jar file...
CVE-2021-33583
REINER timeCard 6.05.07 installs a Microsoft SQL Server with an sa password that is hardcoded in the TCServer.jar file...
CVE-2021-33583
REINER timeCard 6.05.07 contains hardcoded sa credentials in TCServer.jar, enabling a Microsoft SQL Server instance that can be remotely accessed as sa. Red Hat and CNNVD entries corroborate that the password is hardcoded and can lead to remote access and command execution via the publicly reacha...