108 matches found
CVE-2024-37341
CVE-2024-37341 is a Microsoft SQL Server Elevation of Privilege vulnerability. Connected docs confirm the issue affects SQL Server components and was patched via KB5046062 (security update for SQL Server 2016 SP3 Azure Connect Feature Pack). The update lists SQL Server builds such as SQLServer201...
CVE-2024-37334
CVE-2024-37334 refers to the Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Connected sources confirm an RCE flaw in the OLE DB Driver when a vulnerable client connects to a malicious SQL Server, with the issue arising from a missing security update. The Nessus plugin...
CVE-2024-38088
CVE-2024-38088 is a remote code execution vulnerability in the SQL Server Native Client OLE DB Provider. It affects Microsoft SQL Server components and is rated CVSSv3.1 8.8 (High) with network attack vector and required user interaction. The issue is being addressed via July 2024 Microsoft secur...
CVE-2024-29985
CVE-2024-29985 is a remote code execution vulnerability in Microsoft OLE DB Driver for SQL Server. Affected are the OLE DB Driver components for SQL Server; exploitation is network-based with user interaction required, as reflected in the CVSS vector. Microsoft has released security updates that ...
CVE-2024-28929
CVE-2024-28929 affects the Microsoft ODBC Driver for SQL Server. Public advisories and update docs show a remote code execution vulnerability in the ODBC driver family, with attackers potentially bypassing authentication and executing arbitrary commands. Remediation is to install the security upd...
CVE-2024-28931
CVE-2024-28931 affects the Microsoft ODBC Driver for SQL Server. The vulnerability enables remote code execution with network access and requires no privileges, with user interaction reportedly involved per CVSS metrics. The CVE is addressed by updates across ODBC Driver versions; example fixes i...
CVE-2024-28943
CVE-2024-28943 : Remote Code Execution vulnerability in Microsoft ODBC Driver for SQL Server. The affected component is the ODBC driver (Microsoft ODBC Driver for SQL Server) with the vulnerability described as remote code execution. Public advisories indicate fixes are included in the latest dri...
CVE-2024-28906
CVE-2024-28906 refers to a remote-code-execution vulnerability in the Microsoft OLE DB Driver for SQL Server. The issue affects the OLE DB Driver for SQL Server components and can allow an attacker to execute arbitrary code on affected systems, with a network attack vector and no privileges requi...
CVE-2024-29048
CVE-2024-29048 is the Microsoft OLE DB Driver for SQL Server Remote Code Execution vulnerability. The core issue concerns the OLE DB driver components allowing an attacker to execute arbitrary code, with an attack vector over the network and no privileges required, and user interaction needed. Mi...
CVE-2024-29983
CVE-2024-29983 affects the Microsoft OLE DB Driver for SQL Server and is a remote code execution vulnerability in the OLE DB Driver components. The issue is fixed by Microsoft security updates released on 2024-04-09 (KB5036343 for SQL Server 2022 CU12, and KB5037572 describing the OLE DB Driver 1...
CVE-2024-28930
CVE-2024-28930 affects the Microsoft ODBC Driver for SQL Server. The vulnerability is a remote code execution issue in the ODBC driver components that can be exploited over a network with no privileges and requires user interaction (per CVSS metrics in the initial document). The linked updates co...
CVE-2024-28911
CVE-2024-28911 is a remote code execution vulnerability in the Microsoft OLE DB Driver for SQL Server. Public sources detail affected components as Microsoft OLE DB Driver for SQL Server (drivers used with SQL Server) and indicate the root cause relates to remote code execution via the OLE DB int...
CVE-2024-28937
CVE-2024-28937 is a remote code execution vulnerability in Microsoft ODBC Driver for SQL Server. The connected documentation confirms the issue affects the Microsoft ODBC Driver for SQL Server and is addressed by updates in the April 2024 security releases. The issue is exploitable over a network...
CVE-2024-29045
CVE-2024-29045 is a remote code execution vulnerability in the Microsoft OLE DB Driver for SQL Server. Exploitation is network-based with no privileges required and user interaction needed (per CVSS: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). The issue affects the OLE DB Driver for SQL Server and is a...
CVE-2024-28933
CVE-2024-28933 is a Remote Code Execution vulnerability in Microsoft ODBC Driver for SQL Server. The connected sources confirm an in-the-wild risk surfaced by the ODBC driver family (drivers v17 and v18) used with SQL Server clients. The issue is described as a remote code execution vulnerability...
CVE-2024-28914
CVE-2024-28914 is a Remote Code Execution vulnerability in the Microsoft OLE DB Driver for SQL Server. The CVE applies to the OLE DB Driver components that enable database access, with a network-facing attack vector and the attacker needing no privileges but user interaction is required for explo...
CVE-2024-28936
CVE-2024-28936 : A Remote Code Execution vulnerability in the Microsoft ODBC Driver for SQL Server. Affects the Microsoft ODBC Driver for SQL Server components; the issue is fixed by Microsoft inApril 2024 security updates for SQL Server ODBC Driver 17.x (e.g., 17.10.6.1) and 18.x (e.g., 18.3.3.1...
CVE-2024-28941
The CVE-2024-28941 entry covers a Remote Code Execution vulnerability in the Microsoft ODBC Driver for SQL Server. Public data confirms this affects the ODBC Driver component used to connect to SQL Server and is exploitable via network without authentication, with user interaction required per th...
CVE-2024-28915
CVE-2024-28915 refers to a Remote Code Execution vulnerability in the Microsoft OLE DB Driver for SQL Server. The affected component is the OLE DB driver (Microsoft OLE DB Driver for SQL Server) used to access SQL Server data. According to connected sources, Microsoft released security updates to...
CVE-2024-28913
Summary: CVE-2024-28913 is a remote code execution vulnerability in the Microsoft OLE DB Driver for SQL Server. Multiple connected sources (Nessus patch notes and Microsoft update KBs) confirm this family of RCE issues affecting the OLE DB driver components and list CVE-2024-28913 among the vulne...
CVE-2024-29984
CVE-2024-29984 is a remote code execution vulnerability affecting the Microsoft OLE DB Driver for SQL Server. The issue concerns the OLE DB driver components (18.x and 19.x) and can be exploited over the network with user interaction required, per CVSS:3.1 base metrics (AV:N, AC:L, PR:N, UI:R, C:...
CVE-2024-28944
CVE-2024-28944 affects Microsoft OLE DB Driver for SQL Server. The vulnerability is a Remote Code Execution issue in the OLE DB Driver components and is addressed by Microsoft security updates KB5036343 (SQL Server 2022 CU12 and related builds) and KB5037572 (OLE DB Driver 18 for SQL Server). The...
CVE-2024-28940
Summary (CVE-2024-28940) Affects Microsoft’s OLE DB Driver for SQL Server. The vulnerability is a remote code execution flaw in the OLE DB Driver components, enabling an attacker to run arbitrary code on a vulnerable system over the network, with high impact (C/H/I/A = High). The CVSS v3.1 metric...
CVE-2024-29044
CVE-2024-29044 : Microsoft OLE DB Driver for SQL Server Remote Code Execution vulnerability. Connected documentation confirms impact via the OLE DB driver component and lists a security update (KB5036335) that fixes it for SQL Server 2019 CU25, bringing product version to 15.0.4360.2 (Windows) / ...
CVE-2024-26186
CVE-2024-26186 is a Microsoft SQL Server Native Scoring remote code execution vulnerability. The Nessus/NVD data show exploitation requires network access with low attack complexity and low privileges, yielding high impact (C/H/I/A) per CVSS v3.1 (8.8, HIGH). Connected updates indicate affected p...
CVE-2024-28934
CVE-2024-28934 refers to a remote code execution vulnerability in the Microsoft ODBC Driver for SQL Server. The connected MS update advisories confirm fixes in the ODBC Driver components: Driver 17 (SQL Server ODBC Driver 17) updated to build 17.10.6.1 and Driver 18 updated to build 18.3.3.1, add...
CVE-2024-29043
CVE-2024-29043 affects the Microsoft ODBC Driver for SQL Server. The advisory set shows this is a remote code execution vulnerability (network attack surface) that can impact ODBC Driver components when handling SQL Server connections. Microsoft released updates in April 2024 to fix the issue acr...
CVE-2024-28926
CVE-2024-28926 affects the Microsoft OLE DB Driver for SQL Server. Public materials in the connected docs identify it as a remote code execution vulnerability. Security updates exist for the OLE DB Driver across SQL Server releases: for OLE DB Driver 18, update to SQL Server 18.7.0002.0; for OLE ...
CVE-2024-28939
CVE-2024-28939 : Microsoft OLE DB Driver for SQL Server has a remote code execution vulnerability. Technical context from connected documents shows the flaw exists in the OLE DB Driver component and can lead to arbitrary code execution on affected systems. The vulnerability is tracked with a high...
CVE-2024-28932
CVE-2024-28932 is a remote code execution vulnerability in Microsoft ODBC Driver for SQL Server. Connected sources confirm the issue affects the ODBC Driver family and is addressed by Microsoft security updates. Specifically, security updates KB5037570/KB5037571 cover ODBC Driver 17 for SQL Serve...
CVE-2024-28938
CVE-2024-28938 corresponds to a Remote Code Execution vulnerability in Microsoft ODBC Driver for SQL Server. The issue affects the ODBC Driver family (notably components used by SQL Server clients) and is tied to improper handling that could permit arbitrary code execution. Microsoft has released...
CVE-2024-28909
CVE-2024-28909 is a remote code execution vulnerability in the Microsoft OLE DB Driver for SQL Server. Multiple connected sources confirm it affects the OLE DB Driver components and can lead to arbitrary code execution on a vulnerable system. Microsoft has published security updates fixing this i...
CVE-2024-28908
CVE-2024-28908 refers to a remote code execution vulnerability in Microsoft OLE DB Driver for SQL Server. The issue is associated with the OLE DB Driver components used with SQL Server and has been addressed by Microsoft in APR 2024 security updates (e.g., KB5035432 for SQL Server 2019/KB5035434 ...
CVE-2024-28935
CVE-2024-28935 pertains to the Microsoft ODBC Driver for SQL Server. It is a Remote Code Execution vulnerability in the ODBC Driver component. The public record indicates an RCE vulnerability with CVSSv3 base score 8.8 (Network, high impact, user interaction required). Microsoft’s April 2024 secu...
CVE-2024-20701
CVE-2024-20701 is a SQL Server Native Client OLE DB Provider Remote Code Execution vulnerability. Publicly documented impact states that exploitation leads to arbitrary code execution on the client/server context when connecting to SQL Server. The issue is among a set of SQL Server vulnerabilitie...
CVE-2024-29046
CVE-2024-29046 — Microsoft OLE DB Driver for SQL Server Remote Code Execution is a high-severity vulnerability (CVSS v3.1: 8.8) affecting the OLE DB Driver for SQL Server. The issue enables remote code execution and is exploitable via network access with user interaction required; the attack surf...
CVE-2024-28927
CVE-2024-28927 is a Microsoft OLE DB Driver for SQL Server Remote Code Execution vulnerability. Public docs identify the affected component as the Microsoft OLE DB Driver for SQL Server, with remediation provided via security updates KB5037572 (OLDB Driver 18.x, SQL Server 18.7.0002.0) and KB5037...
CVE-2024-29982
CVE-2024-29982 concerns the Microsoft OLE DB Driver for SQL Server Remote Code Execution vulnerability. Public sources describe exploitation as remote code execution via the OLE DB driver; exploitation status is not provided in the supplied documents. Affected products include Microsoft OLE DB Dr...
CVE-2024-28942
CVE-2024-28942 pertains to the Microsoft OLE DB Driver for SQL Server. Public docs confirm a remote code execution vulnerability in the OLE DB driver, with exploitation potential over the network and requiring user interaction (per CVSS: 3.1, AV:N, AC:L, PR:N, UI:R, S:U, C/H/I/A: H). Connected so...
CVE-2024-28910
CVE-2024-28910 is a Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Connected sources confirm this affects the Microsoft OLE DB Driver for SQL Server (components used by SQL Server clients) and is addressed via security updates released in the April 9, 2024 updates. Mi...
CVE-2024-28912
The CVE CVE-2024-28912 affects Microsoft OLE DB Driver for SQL Server. It is a remote code execution vulnerability (attack vector: network) in the OLE DB driver components that can allow an attacker to execute arbitrary code on the target system with no privileges and user interaction required. I...
CVE-2024-29047
CVE-2024-29047 pertains to the Microsoft OLE DB Driver for SQL Server Remote Code Execution. Public docs confirm an RCE vulnerability affecting the OLE DB Driver family and identify related Microsoft security updates. The KB notes describe updates for Microsoft OLE DB Driver 18 for SQL Server (KB...
CVE-2024-21303
CVE-2024-21303 is a SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability. The issue affects the OLE DB Provider component used by SQL Server clients, with a remote attacker able to trigger code execution by supplying malicious data during client-server interaction. The vul...
CVE-2024-28945
CVE-2024-28945 concerns the Microsoft OLE DB Driver for SQL Server. Connected sources confirm this is a remote code execution vulnerability affecting the OLE DB driver family (SQL Server components) and that security updates exist. Nessus/plugin data lists CVE-2024-28945 among related Oracle/ODBC...
CVE-2024-37336
CVE-2024-37336 affects SQL Server Native Client OLE DB Provider. It is a remote code execution vulnerability in the OLE DB client used by SQL Server, with base score 8.8 (HIGH). Microsoft released a security update (July 2024) to fix this and related CVEs; the update package for SQL Server 2016 S...
CVE-2024-38087
CVE-2024-38087 is a SQL Server Native Client OLE DB Provider Remote Code Execution vulnerability. Affected component: SQL Server Native Client OLE DB Provider (client and server interaction via the OLE DB driver). Root cause: vulnerability in the OLE DB Provider that can allow arbitrary code exec...
CVE-2024-49021
CVE-2024-49021 is a Microsoft SQL Server Remote Code Execution vulnerability. Public documents identify the affected component as SQL Server (server-side) with the CVE labeled as a remote code execution issue. The vulnerability is described with a high impact on confidentiality, integrity, and av...
CVE-2024-37323
CVE-2024-37323 is a SQL Server Native Client OLE DB Provider Remote Code Execution vulnerability affecting SQL Server Native Client/OLE DB Provider usage. The CVSSv3.1 base score is 8.8 (HIGH); attack vector NETWORK, attack complexity LOW, privileges required NONE, user interaction REQUIRED, and ...
CVE-2024-37332
CVE-2024-37332 is a Remote Code Execution vulnerability affecting the SQL Server Native Client OLE DB Provider. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) yields a base score of 8.8 (HIGH). Connected documents confirm the CVE is part of a broader set of SQL Server NCDP vulnerabilit...
CVE-2024-21332
CVE-2024-21332 is a SQL Server Native Client OLE DB Provider Remote Code Execution vulnerability. Affected component: SQL Server Native Client OLE DB Provider. Underlying issue: remote code execution (CVSS v3.1: 8.8; AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Exploitation would require network access ...