Security Updates for Microsoft SQL Server OLE DB Driver (October 2023)

The Microsoft SQL Server OLE DB Driver installed on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities. - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

CVE-2023-36728

Microsoft SQL Server Denial of Service Vulnerability...

Denial of service

Microsoft SQL Server Denial of Service Vulnerability...

CVE-2023-36728 Microsoft SQL Server Denial of Service Vulnerability

...

PT-2023-5971 · Microsoft · Sql Server

Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server affected versions not specified Description: The issue is related to insufficient input validation in the OLE DB driver for Microsoft SQL Server, which can be exploited to execute arbitrary code. This allows an attacker t...

KLA61355 Multiple vulnerabilities in Microsoft SQL Server

Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft ODBC Driver for SQL Server can be...

Microsoft ODBC Driver Security Vulnerability

Microsoft ODBC Driver is a driver from Microsoft. It allows applications to access data in a database management system DBMS using SQL as the standard for accessing data. A security vulnerability exists in Microsoft ODBC Driver. An attacker could exploit the vulnerability to remotely execute code...

Security Updates for Microsoft SQL Server ODBC Driver (August 2023)

The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connec...

KLA51718 Multiple vulnerabilities in Microsoft SQL Server

A remote code execution vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2023-38169 Related products Microsoft-SQL-Server Microsoft-Windows CVE list CVE-2023-38169 critical KB list 5026806 5025808...

CVE-2023-34362 - a SQL injection vulnerability has been found in the MOVEit Transfer web application.

In Progress MOVEit Transfer before 2021.0.6 13.0.6, 2021.1.4 13.1.4, 2022.0.4 14.0.4, 2022.1.5 14.1.5, and 2023.0.1 15.0.1, a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database...

Security Updates for Microsoft SQL Server ODBC Driver (June 2023)

The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for...

Security Updates for Microsoft SQL Server OLE DB Driver (June 2023)

The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for...

HP Security Manager and Web Jetadmin - Potential remote code execution

HP Security Manager and Web Jetadmin may potentially be vulnerable to Remote Code Execution when using certain versions of Microsoft SQL Server Express. For additional information regarding the potential vulnerability and Microsoft SQL security patches for existing installations, please visit the...

Build Numbers and Versions of Veeam Plug-ins for Enterprise Applications

Plug-In Download The latest version of all Plug-Ins for Enterprise Applications can be found at the bottom of the My Products page within the My Portal, in the Application Plug-Ins under Additional downloads. View by Plug-in Build Number View by Veeam Backup & Replication Release This table lists...

The vulnerability of the Microsoft ODBC Driver for SQL Server’s dynamic layout library, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft ODBC Driver for SQL Server’s dynamic layout library is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

MOVEit SQL Injection Exploit

This Metasploit module exploits an SQL injection vulnerability in the MOVEit Transfer web application that allows an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker can levera...

Microsoft ODBC Driver 安全漏洞

Microsoft ODBC Driver is a driver from Microsoft. It allows applications to access data in a database management system DBMS using SQL as the standard for accessing data. A security vulnerability exists in the Microsoft ODBC Driver that stems from the presence of a remote code execution...

KLA50361 Multiple vulnerabilities in Microsoft SQL Server

Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft ODBC Driver for SQL Server can be exploited remotely to...

Progress MOVEit Transfer SQL Injection Vulnerability

Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker may be able to infer informati...

VulnCheck KEV: CVE-2023-34362

Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker may be able to infer...