4416 matches found
KLA90053 PE vulnerability in Microsoft SQL Server
An elevation of privilege vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-59499 Related products Microsoft-SQL-Server Microsoft-Azure CVE list CVE-2025-59499 critical KB list 5068405 5068403 5068401...
Microsoft SQL Server SQL注入漏洞
Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is applied under the Microsoft Windows system. A SQL injection vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to elevate privileges. The following products and...
[R1] Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities
R1 Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities Arnie Cabral Mon, 11/03/2025 - 09:50 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components .NET, SQL and curl were found to contain...
[R1] Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities
R1 Tenable Identity Exposure Version 3.77.14 Fixes Multiple Vulnerabilities Arnie Cabral Mon, 11/03/2025 - 09:50 Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components .NET, SQL and curl were found to contain...
CVE-2025-11177
The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in all versions up to, and including, 1.11.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
SQL Plugin Job Fails with Error: "Mandatory arguments not set" or "Starting retention policy task"
Challenge After the upgrade or installation of the patch for Veeam Backup & Replication 12.3.2.4165, existing Veeam Plug-In for Microsoft SQL jobs fail with the following error: Failed to backup database. Error: Mandatory arguments not set Session failed: Mandatory arguments not set. Starting...
CVE-2025-11177 External Login <= 1.11.2 - Unauthenticated SQL Injection via log
The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in all versions up to, and including, 1.11.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-11177 External Login <= 1.11.2 - Unauthenticated SQL Injection via log
The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in all versions up to, and including, 1.11.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
Vulnerability fixed in Microsoft SQL Server
Microsoft has fixed a vulnerability in the JDBC driver for SQL Server. A malicious party could exploit the vulnerability to gain access to sensitive data, such as login credentials, through a Server-in-the-Middle attack. For successful exploitation, the malicious party must trick the victim into...
Improper Validation of Certificate with Host Mismatch
Overview Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch via the parseCommonName method . An attacker can gain unauthorized access or impersonate users by crafting malicious X.509 certificates that bypass hostname validation through...
EUVD-2025-34375
Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-59250
Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-59250
Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-59250 JDBC Driver for SQL Server Spoofing Vulnerability
...
CVE-2025-59250
CVE-2025-59250: IBM bulletin shows this CVE as an issue of improper input validation in the JDBC Driver for SQL Server, enabling spoofing over the network. The connected document confirms the vulnerability exists with a base score of 8.1 (HIGH) and network attack vector but does not provide produ...
CVE-2025-59250 JDBC Driver for SQL Server Spoofing Vulnerability
...
io.github.regychang:flinkify-flink-core (>=0.2.1 <=0.2.2) potentially affected by CVE-2025-62228 via org.apache.flink:flink-connector-sqlserver-cdc (=3.2.0)
org.apache.flink:flink-connector-sqlserver-cdc MAVEN version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.flink:flink-connector-sqlserver-cdc and may be impacted: - io.github.regychang:flinkify-flink-core =0.2.1, =0.2.2 Source cves...
EUVD-1999-1537
Malware in sbrugna...
EUVD-2019-13254
Malware in sbrugna...
EUVD-2014-0409
Malware in sbrugna...