4519 matches found
KLA10901 Multiple vulnerabilities in Microsoft SQL Server
Multiple serious vulnerabilities have been found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An improper pointer casting handling can be exploited by remotely...
Microsoft SQL Server CVE-2016-7253 Privilege Escalation Vulnerability
Description Microsoft SQL Server is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft SQL Server 2012 for 32-bit Systems Service Pack 2 Microsoft SQL Server 2012 for 32-bit Systems Service Pack 3 Microsof...
Microsoft SQL Server CVE-2016-7252 Information Disclosure Vulnerability
Description Microsoft SQL Server is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server 2016 for x64-based Systems Recommendations Block external access at...
Microsoft SQL Server CVE-2016-7249 Privilege Escalation Vulnerability
Description Microsoft SQL Server is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft SQL Server 2016 for x64-based Systems Recommendations Run all software as a nonprivileged user with minimal access...
Microsoft SQL Server CVE-2016-7254 Privilege Escalation Vulnerability
Description Microsoft SQL Server is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft SQL Server 2012 for 32-bit Systems Service Pack 2 Microsoft SQL Server 2012 for 32-bit Systems Service Pack 3 Microsof...
MS16-136: Security Update for SQL Server (3199641)
The remote Microsoft SQL Server is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple elevation of privilege vulnerabilities exist in the SQL RDBMS Engine due to improper handling of pointer casting. An authenticated, remote attacker can exploit these t...
MS16-136: Security update for SQL Server: November 8, 2016
Resolves vulnerabilities in Microsoft SQL Server that could allow an attacker to gain elevated privileges that might be used to create accounts, or view, change, or delete data.SummaryThis update resolves vulnerabilities in Microsoft SQL Server. The most severe vulnerabilities could allow an...
Microsoft SQL Server Master Data Services CVE-2016-7251 Cross Site Scripting Vulnerability
Description Microsoft SQL Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Technologie...
Microsoft SQL Server CVE-2016-7250 Privilege Escalation Vulnerability
Description Microsoft SQL Server is prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft SQL Server 2014 for 32-bit Systems Service Pack 1 Microsoft SQL Server 2014 for 32-bit Systems Service Pack 2 Microsof...
Automated Security Response: Falcon Orchestrator
CrowdStrike Falcon Orchestrator is an extendable Windows-based application that provides workflow automation, case management and security response functionality. The tool leverages the highly extensible APIs contained within the CrowdStrike Falcon Connect program. Falcon Orchestrator has only be...
Microsoft SQL Server 2012 11.0.x.x < 11.0.3460.0 Multiple Vulnerabilities (2977325)
Binary data 9704.prm...
Microsoft SQL Server 2008 R2 10.50.x.x < 10.50.4321.00 Multiple Vulnerabilities (2977319)
Binary data 9703.prm...
Microsoft SQL Server 2014 12.0.x.x < 12.0.2381.0 Multiple Vulnerabilities (2977316)
Binary data 9705.prm...
Microsoft SQL Server 2008 10.00.x.x < 10.00.5869.00 Multiple Vulnerabilities (2984340)
Binary data 9702.prm...
Database Creation Error: The login already has an account under a different user name
When running the New Database Creation Wizard on the Workspace Environment Management WEM Infrastructure Services server, the administrator encounters the following error: "Database Creation Error!" A database is partially created on the SQL server, without any tables. TheCitrix Workspace...
Microsoft SQL Server Unquoted Service Path Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Exploit Title: Microsoft SQL Server Unquoted Service Path Privilege Escalation Date: 10/142016 Author: Saeed Hasanzadeh Net.Hun73r Vendor Homepage: https://www.microsoft.com Software Link:...
Restore Fails for Database with Consecutive Backslash Characters in File Path
Challenge Veeam Explorer for Microsoft SQL Server reports the error: Inconsistent database metadata. See the log for details. Cause One or more database file paths contained multiple consecutive backslash characters when the SQL server was backed up. Solution Clarifying Issue This issue cannot be...
CVE-2016-6532
DEXIS Imaging Suite 10 has a hardcoded password for the sa account, which allows remote attackers to obtain administrative access by entering this password in a DEXISDATA SQL Server session...
CVE-2016-6532
DEXIS Imaging Suite 10 has a hardcoded password for the sa account, which allows remote attackers to obtain administrative access by entering this password in a DEXISDATA SQL Server session...
Hardcoded credentials
DEXIS Imaging Suite 10 has a hardcoded password for the sa account, which allows remote attackers to obtain administrative access by entering this password in a DEXISDATA SQL Server session...