1294 matches found
KLA65509 Multiple vulnerabilities in Microsoft SQL Server
Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft OLE DB Driver for SQL Server can be exploited remotely to...
Microsoft OLE DB Provider for SQL Server 安全漏洞
Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...
PT-2024-3124 · Microsoft · Ole Db Driver For Sql Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft OLE DB Driver for SQL Server affected versions not specified Description: The issue exists due to insufficient input validation in the Microsoft OLE DB Driver for SQL Server. This allows a remote attacker to execute arbitrary code...
Microsoft OLE DB Provider for SQL Server 安全漏洞
Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...
Microsoft OLE DB Provider for SQL Server 安全漏洞
Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...
Microsoft OLE DB Provider for SQL Server 安全漏洞
Microsoft OLE DB Provider for SQL Server is an API from Microsoft Corporation that allows access to data from a variety of sources in a unified way. A security vulnerability exists in Microsoft OLE DB Provider for SQL Server. An attacker could exploit the vulnerability to remotely execute code. T...
KLA65143 ACE vulnerability in Microsoft SQL Server
A remote code execution vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2024-26164 Related products Microsoft-SQL-Server CVE list CVE-2024-26164 critical KB list Solution Install necessary updates...
Remote code execution
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...
KB5033592 - Description of the security update for SQL Server 2022 CU10: January 9, 2024
KB5033592 - Description of the security update for SQL Server 2022 CU10: January 9, 2024 Summary How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information File information Information about protection and security Summary This...
Security Updates for Microsoft SQL Server (January 2024) (Remote)
The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions...
Microsoft SQL Server db_ddladmin Privilege Escalation Vulnerability
Microsoft SQL Server versions 2014 through 2022 suffers from a dbddladmin privilege escalation vulnerability. When escalated to Microsoft as a concern, they instead opted to update their documentation to note that this is possible instead of addressing the issue. Title: SQL Server Privilege...
Microsoft SQL Server Security Vulnerability
Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. An attacker could exploit the vulnerability to bypass certain functionality. The following products and versions are affected:...
KLA62825 SB vulnerability in Microsoft SQL Server
A security feature bypass vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories CVE-2024-0056 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-SQL-Server CVE list...
Security Updates for Microsoft SQL Server (January 2024)
The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions...
CVE-2023-47800
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...
Default credentials
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...
CVE-2023-47800
CVE-2023-47800 affects Natus NeuroWorks and SleepWorks prior to version 8.4 GMA3. The root cause is a default password (xltek) on the Microsoft SQL Server service account sa, enabling a threat actor to perform remote code execution, data exfiltration, or data/tampering and disruption of MSSQL ser...
PT-2023-30615 · Natus +1 · Natus Neuroworks +2
Name of the Vulnerable Software and Affected Versions: Natus NeuroWorks and SleepWorks versions prior to 8.4 GMA3 Description: The issue arises from the use of a default password xltek for the Microsoft SQL Server service sa account in Natus NeuroWorks and SleepWorks. This allows a threat actor t...
The vulnerability of the Microsoft SQL Server database management system, related to insufficient validation of input data, allows a hacker to trigger a service failure.
The vulnerability of the Microsoft SQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...
Security Updates for Microsoft SQL Server ODBC Driver (October 2023)
The Microsoft SQL Server ODBC Driver installed on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities. - An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2023-36417, CVE-2023-36420,...