Network World

Microsoft plugs privilege elevation flaw in SQL server

Microsoft’s SQL Server 7.0 and 2000 software contain a critical flaw that allows low privilege users to elevate their privilege level and make changes to tasks created by other users, the company said ...

Ivanti EPM: Security flaws allow SQL injection, privilege escalation

Ivanti warns of three security vulnerabilities in Endpoint Manager (EPM). They allow SQL injection or privilege escalation.

Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days

Today is Microsoft's May 2026 Patch Tuesday, with security updates for 120 flaws and no zero-days disclosed this month.
CSOonline

Critical Magento SQL injection flaw could be targeted by hackers soon

The Magento content management system used by thousands of online shops has received fixes for several serious vulnerabilities, including an unauthenticated SQL injection flaw that’s likely to soon ...

ProFTPD: Code injection via mod_sql possible

The FTP server ProFTPD includes a module called mod_sql. It contains an SQL injection vulnerability that can ultimately lead to the execution of injected code.