1294 matches found
Security Updates for Microsoft SQL Server OLE DB Driver (April 2023)
The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
Security Updates for Microsoft SQL Server (April 2023)
The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
Security Updates for Microsoft SQL Server (April 2023)
The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
Security Updates for Microsoft SQL Server ODBC Driver (April 2023)
The Microsoft SQL Server driver installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
The vulnerability of the SQLcmd utility in the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.
The vulnerability of the SQLcmd utility in the Microsoft SQL Server database management system is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created data...
PT-2023-22785 · Archery · Archery
Name of the Vulnerable Software and Affected Versions: Archery affected versions not specified Description: The Archery project contains multiple SQL injection vulnerabilities that may allow an attacker to query the connected databases. User input coming from the db name in the sql/data...
CVE-2023-23384
Microsoft SQL Server Remote Code Execution Vulnerability...
Remote code execution
Microsoft SQL Server Remote Code Execution Vulnerability...
CVE-2023-23384
CVE-2023-23384 is described in the connected documents as a Microsoft SQL Server remote code execution vulnerability reachable over the network. Nessus plugin entries for April 2023 (SMB_NT_MS23_APR_MSSQL_REMOTE.NASL and SMB_NT_MS23_APR_MSSQL.NASL) confirm a remote code execution issue, with self...
January 10, 2023—KB5022287 (OS Build 22000.1455)
January 10, 2023—KB5022287 OS Build 22000.1455 Important: For Windows Recovery Environment WinRE devices, see the updated 1/20/23 Special instructions for Windows Recovery Environment WinRE devices in the How to get this update section to address security vulnerabilities in CVE-2022-41099. For...
Microsoft SQL Server Remote Code Execution Vulnerability
...
Microsoft SQL Server 安全漏洞
Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. The following products and versions are affected: Microsoft OLE DB Driver 18 for SQL Server,Microsoft OLE DB Driver 19 for SQL...
Microsoft SQL Server 安全漏洞
Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. The following products and editions are affected: Microsoft SQL Server 2008 for 32-bit Systems Service Pack 4 QFE, Microsoft SQL...
Microsoft SQL Server 安全漏洞
Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. The following products and versions are affected: Microsoft ODBC Driver 17 for SQL Server,Microsoft OLE DB Driver 18 for SQL...
KLA48844 Multiple vulnerabilities in Microsoft SQL Server
Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft SQL Server can be exploited remotely to execute arbitrary...
HashiCorp Vault SQL注入漏洞
HashiCorp Vault is a private key access management tool from HashiCorp Inc. in the United States. A SQL injection vulnerability exists in HashiCorp Vault versions 0.8.0 through 1.13.1, which stems from the fact that when configuring the MSSQL plugin locally, certain parameters are not cleaned up...
Microsoft SQL Server 2014 / 2016 / 2017 / 2019 / 2022 Audit Logging Failure
Title: Microsoft SQL Server Password Hash Exposure Product: Database Manufacturer: Microsoft Affected Versions: 2012-2022 Risk Level: Medium CVE Reference: N/A Author of Advisory: Emad Al-Mousa Overview: SQL Server is a popular database system, and database systems are a vital backbone in IT...
The vulnerability of the Microsoft SQL Server relational database management system arises from insufficient validation of input data, allowing an attacker to execute arbitrary code.
The vulnerability of the Microsoft SQL Server relational database management system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Microsoft ODBC driver for Microsoft SQL Server allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft ODBC driver for Microsoft SQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the Microsoft SQL Server database management system, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft SQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...