Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql server 2016 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-5049
Directory traversal vulnerability in chat/openattach.aspx in ReadyDesk 9.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in the SESID parameter in conjunction with a filename in the FNAME parameter.
Readydesk Readydesk 9.1
5
CVSSv2
CVE-2016-1035
Adobe RoboHelp Server 9 prior to 9.0.1 mishandles SQL queries, which allows malicious users to obtain sensitive information via unspecified vectors.
Adobe Robohelp 9.0.0.228
Adobe Robohelp 9
Adobe Robohelp 9.0.1
5
CVSSv2
CVE-2016-2388
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote malicious users to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.
Sap Netweaver Application Server Java
2 EDB exploits
1 Github repository
1 Article
4.6
CVSSv2
CVE-2019-0880
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'.
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows 10 1903
Microsoft Windows 8.1 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 -
Microsoft Windows 10 1703
Microsoft Windows Server 2012 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1903
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 1607
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 1803
3 Articles
4.6
CVSSv2
CVE-2016-5683
ReadyDesk 9.1 allows local users to determine cleartext SQL Server credentials by reading the SQL_Config.aspx file and decrypting data with a hardcoded key in the ReadyDesk.dll file.
Readydesk Readydesk 9.1
4.3
CVSSv2
CVE-2016-1915
Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service prior to 12.4 allow remote malicious users to inject arbitrary web script or HTML via the locale parameter to (1) mydevice/index.jsp or (2) mydevice/loggedOut.jsp.
Blackberry Blackberry Enterprise Service
1 EDB exploit
4.3
CVSSv2
CVE-2016-8019
Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and previous versions) allows unauthenticated remote malicious users to inject arbitrary web script or HTML via a crafted user input.
Mcafee Virusscan Enterprise
1 EDB exploit
1 Article
4.3
CVSSv2
CVE-2016-7251
Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft SQL Server 2016 allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka "MDS API XSS Vulnerability."
Microsoft Sql Server 2016
4.3
CVSSv2
CVE-2016-3562
Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to DBA.
Oracle Database Server 12.1.0.2
Oracle Database Server 11.2.0.4
4
CVSSv2
CVE-2016-10310
Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and process crash) by sending a crafted packet several times, aka SAP Security Note 23...
Sap Sql Anywhere
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »