CVSS: 7.3EPSS: 0%CPEs: 8EXPL: 0CVE-2023-23384 – Microsoft SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-23384
Microsoft SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23384 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-21718 – Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21718
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21718 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-21528 – Microsoft SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21528
Microsoft SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21528 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-31816
https://notcve.org/view.php?id=CVE-2021-31816
When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext. Cuando se configura Octopus Server, si está configurado con una base de datos SQL externa, en la configuración inicial la contraseña de la base de datos se escribe en el archivo de registro OctopusServer.txt en texto plano • https://advisories.octopus.com/adv/2021-05---Cleartext-Storage-of-Sensitive-Information-%28CVE-2021-31816%29.2121793537.html • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-30183
https://notcve.org/view.php?id=CVE-2021-30183
Cleartext storage of sensitive information in multiple versions of Octopus Server where in certain situations when running import or export processes, the password used to encrypt and decrypt sensitive values would be written to the logs in plaintext. Un almacenamiento de texto sin cifrar de información confidencial en múltiples versiones de Octopus Server, donde en determinadas situaciones cuando se ejecutan procesos de importación o exportación, la contraseña usada para cifrar y descifrar valores confidenciales se escribiría en los registros en texto plano • https://advisories.octopus.com/adv/2021-03---Cleartext-Storage-of-Sensitive-Information-%28CVE-2021-30183%29.1817083941.html https://github.com/OctopusDeploy/Issues • CWE-312: Cleartext Storage of Sensitive Information •