The vulnerability of ODBC and OLE DB drivers in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of ODBC and OLE DB drivers in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVE-2023-2226

Due to insufficient validation in the PE and OLE parsers in Rapid7's Velociraptor versions earlier than 0.6.8 allows attacker to crash Velociraptor during parsing of maliciously malformed files. For this attack to succeed, the attacker needs to be able to introduce malicious files to the system a...

Velocidex Velociraptor 缓冲区错误漏洞

Velocidex Velociraptor is a tool from Velocidex Australia that uses Velociraptor Query Language VQL queries to gather host-based state information. A security vulnerability exists in Velocidex Velociraptor versions prior to 0.6.8 that stems from insufficient validation of the PE and OLE parsers,...

PT-2023-18387 · Unknown · Velociraptor

Name of the Vulnerable Software and Affected Versions: Velociraptor versions prior to 0.6.8 Description: The issue is caused by insufficient validation in the PE and OLE parsers, allowing an attacker to crash Velociraptor during parsing of maliciously malformed files. For this attack to succeed,...

CVE-2023-23375

Microsoft ODBC and OLE DB Remote Code Execution Vulnerability...

CVE-2023-23375 Microsoft ODBC and OLE DB Remote Code Execution Vulnerability

...

Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. The following products and versions are affected: Microsoft OLE DB Driver 18 for SQL Server,Microsoft OLE DB Driver 19 for SQL...

PT-2023-2437 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft WDAC OLE DB provider for SQL Server affected versions not specified Description: The issue exists due to insufficient input validation in the OLE DB driver for SQL Server in the Windows operating system. This allows a remote attacke...

PT-2023-2559 · Microsoft · Odbc +2

Name of the Vulnerable Software and Affected Versions: Microsoft ODBC and OLE DB affected versions not specified Description: The issue exists due to insufficient input validation in the Windows operating system's ODBC and OLE DB drivers. Exploitation of this issue may allow an attacker to execut...

SUSE CVE-2006-4514

Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...

CVE-2023-21686

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server on the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVE-2022-37982

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

CVE-2022-34731

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

Microsoft Windows 代码注入漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Windows OLE. The following products and versions are affected: Windows Server 2008 for 32-bit Systems Service Pack 2 Server Core...

Microsoft Windows 代码注入漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Windows OLE. The following products and editions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for...

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows OLE. The following products and versions are affected: Windows 11 for ARM64-based Systems,Windows 10 Version 21H2...

PT-2022-21358 · Estsoft · Estsoft Alyac

Name of the Vulnerable Software and Affected Versions: ESTsoft Alyac version 2.5.8.544 Description: An integer overflow issue exists in the way ESTsoft Alyac parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow, potentially resulting in arbitrary code execution. This...