30 matches found
CVE-2023-38169
CVE-2023-38169 is a Microsoft SQL OLE DB Remote Code Execution vulnerability. Public sources confirm the issue affects Microsoft SQL OLE DB/ODBC components (e.g., OLE DB Driver for SQL Server and SQL Server client libraries) and can be exploited remotely via a network to run code with high impact...
CVE-2023-36728
CVE-2023-36728 is a Denial-of-Service vulnerability impacting Microsoft SQL Server components. Public references in the supplied documents describe DoS impact from a malformed TDS packet/login handling that can lead to unavailability or undefined behavior, as cited in the October 2023 security up...
CVE-2023-36417
CVE-2023-36417 is a Remote Code Execution vulnerability affecting the Microsoft SQL Server OLE DB Driver. The Nessus entries and Microsoft advisories indicate an RCE in the SQL OLE DB component that can enable authentication bypass and arbitrary command execution. The issue has been addressed in ...
CVE-2023-29349
CVE-2023-29349 concerns Microsoft ODBC and OLE DB components (SQL Server ODBC Driver and OLE DB Driver) enabling remote code execution. The vulnerability arises from improper handling in the ODBC/OLE DB stack, with an attack vector described as LOCAL and requiring user interaction, resulting in h...
CVE-2023-32028
CVE-2023-32028 – Microsoft SQL OLE DB Remote Code Execution Vulnerability affects the Microsoft OLE DB Driver for SQL Server (OLE DB Driver 19 for SQL Server, 18 for SQL Server) and related SQL Server OLE DB components. The root cause enables remote code execution, with exploitation described as ...
CVE-2024-37334
CVE-2024-37334 refers to the Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Connected sources confirm an RCE flaw in the OLE DB Driver when a vulnerable client connects to a malicious SQL Server, with the issue arising from a missing security update. The Nessus plugin...
CVE-2024-29985
CVE-2024-29985 is a remote code execution vulnerability in Microsoft OLE DB Driver for SQL Server. Affected are the OLE DB Driver components for SQL Server; exploitation is network-based with user interaction required, as reflected in the CVSS vector. Microsoft has released security updates that ...
CVE-2024-28906
CVE-2024-28906 refers to a remote-code-execution vulnerability in the Microsoft OLE DB Driver for SQL Server. The issue affects the OLE DB Driver for SQL Server components and can allow an attacker to execute arbitrary code on affected systems, with a network attack vector and no privileges requi...
CVE-2024-29983
CVE-2024-29983 affects the Microsoft OLE DB Driver for SQL Server and is a remote code execution vulnerability in the OLE DB Driver components. The issue is fixed by Microsoft security updates released on 2024-04-09 (KB5036343 for SQL Server 2022 CU12, and KB5037572 describing the OLE DB Driver 1...
CVE-2024-29048
CVE-2024-29048 is the Microsoft OLE DB Driver for SQL Server Remote Code Execution vulnerability. The core issue concerns the OLE DB driver components allowing an attacker to execute arbitrary code, with an attack vector over the network and no privileges required, and user interaction needed. Mi...
CVE-2024-28911
CVE-2024-28911 is a remote code execution vulnerability in the Microsoft OLE DB Driver for SQL Server. Public sources detail affected components as Microsoft OLE DB Driver for SQL Server (drivers used with SQL Server) and indicate the root cause relates to remote code execution via the OLE DB int...
CVE-2024-29045
CVE-2024-29045 is a remote code execution vulnerability in the Microsoft OLE DB Driver for SQL Server. Exploitation is network-based with no privileges required and user interaction needed (per CVSS: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). The issue affects the OLE DB Driver for SQL Server and is a...
CVE-2024-28914
CVE-2024-28914 is a Remote Code Execution vulnerability in the Microsoft OLE DB Driver for SQL Server. The CVE applies to the OLE DB Driver components that enable database access, with a network-facing attack vector and the attacker needing no privileges but user interaction is required for explo...
CVE-2024-28915
CVE-2024-28915 refers to a Remote Code Execution vulnerability in the Microsoft OLE DB Driver for SQL Server. The affected component is the OLE DB driver (Microsoft OLE DB Driver for SQL Server) used to access SQL Server data. According to connected sources, Microsoft released security updates to...
CVE-2024-28913
Summary: CVE-2024-28913 is a remote code execution vulnerability in the Microsoft OLE DB Driver for SQL Server. Multiple connected sources (Nessus patch notes and Microsoft update KBs) confirm this family of RCE issues affecting the OLE DB driver components and list CVE-2024-28913 among the vulne...
CVE-2024-29984
CVE-2024-29984 is a remote code execution vulnerability affecting the Microsoft OLE DB Driver for SQL Server. The issue concerns the OLE DB driver components (18.x and 19.x) and can be exploited over the network with user interaction required, per CVSS:3.1 base metrics (AV:N, AC:L, PR:N, UI:R, C:...
CVE-2024-28940
Summary (CVE-2024-28940) Affects Microsoft’s OLE DB Driver for SQL Server. The vulnerability is a remote code execution flaw in the OLE DB Driver components, enabling an attacker to run arbitrary code on a vulnerable system over the network, with high impact (C/H/I/A = High). The CVSS v3.1 metric...
CVE-2024-28944
CVE-2024-28944 affects Microsoft OLE DB Driver for SQL Server. The vulnerability is a Remote Code Execution issue in the OLE DB Driver components and is addressed by Microsoft security updates KB5036343 (SQL Server 2022 CU12 and related builds) and KB5037572 (OLE DB Driver 18 for SQL Server). The...
CVE-2024-29044
CVE-2024-29044 : Microsoft OLE DB Driver for SQL Server Remote Code Execution vulnerability. Connected documentation confirms impact via the OLE DB driver component and lists a security update (KB5036335) that fixes it for SQL Server 2019 CU25, bringing product version to 15.0.4360.2 (Windows) / ...
CVE-2024-28926
CVE-2024-28926 affects the Microsoft OLE DB Driver for SQL Server. Public materials in the connected docs identify it as a remote code execution vulnerability. Security updates exist for the OLE DB Driver across SQL Server releases: for OLE DB Driver 18, update to SQL Server 18.7.0002.0; for OLE ...
CVE-2024-28909
CVE-2024-28909 is a remote code execution vulnerability in the Microsoft OLE DB Driver for SQL Server. Multiple connected sources confirm it affects the OLE DB Driver components and can lead to arbitrary code execution on a vulnerable system. Microsoft has published security updates fixing this i...
CVE-2024-28939
CVE-2024-28939 : Microsoft OLE DB Driver for SQL Server has a remote code execution vulnerability. Technical context from connected documents shows the flaw exists in the OLE DB Driver component and can lead to arbitrary code execution on affected systems. The vulnerability is tracked with a high...
CVE-2024-28908
CVE-2024-28908 refers to a remote code execution vulnerability in Microsoft OLE DB Driver for SQL Server. The issue is associated with the OLE DB Driver components used with SQL Server and has been addressed by Microsoft in APR 2024 security updates (e.g., KB5035432 for SQL Server 2019/KB5035434 ...
CVE-2024-29046
CVE-2024-29046 — Microsoft OLE DB Driver for SQL Server Remote Code Execution is a high-severity vulnerability (CVSS v3.1: 8.8) affecting the OLE DB Driver for SQL Server. The issue enables remote code execution and is exploitable via network access with user interaction required; the attack surf...
CVE-2024-29982
CVE-2024-29982 concerns the Microsoft OLE DB Driver for SQL Server Remote Code Execution vulnerability. Public sources describe exploitation as remote code execution via the OLE DB driver; exploitation status is not provided in the supplied documents. Affected products include Microsoft OLE DB Dr...
CVE-2024-28927
CVE-2024-28927 is a Microsoft OLE DB Driver for SQL Server Remote Code Execution vulnerability. Public docs identify the affected component as the Microsoft OLE DB Driver for SQL Server, with remediation provided via security updates KB5037572 (OLDB Driver 18.x, SQL Server 18.7.0002.0) and KB5037...
CVE-2024-28942
CVE-2024-28942 pertains to the Microsoft OLE DB Driver for SQL Server. Public docs confirm a remote code execution vulnerability in the OLE DB driver, with exploitation potential over the network and requiring user interaction (per CVSS: 3.1, AV:N, AC:L, PR:N, UI:R, S:U, C/H/I/A: H). Connected so...
CVE-2024-28910
CVE-2024-28910 is a Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Connected sources confirm this affects the Microsoft OLE DB Driver for SQL Server (components used by SQL Server clients) and is addressed via security updates released in the April 9, 2024 updates. Mi...
CVE-2024-28912
The CVE CVE-2024-28912 affects Microsoft OLE DB Driver for SQL Server. It is a remote code execution vulnerability (attack vector: network) in the OLE DB driver components that can allow an attacker to execute arbitrary code on the target system with no privileges and user interaction required. I...
CVE-2024-28945
CVE-2024-28945 concerns the Microsoft OLE DB Driver for SQL Server. Connected sources confirm this is a remote code execution vulnerability affecting the OLE DB driver family (SQL Server components) and that security updates exist. Nessus/plugin data lists CVE-2024-28945 among related Oracle/ODBC...