Network World

Microsoft plugs privilege elevation flaw in SQL server

Microsoft’s SQL Server 7.0 and 2000 software contain a critical flaw that allows low privilege users to elevate their privilege level and make changes to tasks created by other users, the company said ...

Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days

Today is Microsoft's May 2026 Patch Tuesday, with security updates for 120 flaws and no zero-days disclosed this month.

Ivanti EPM: Security flaws allow SQL injection, privilege escalation

Ivanti warns of three security vulnerabilities in Endpoint Manager (EPM). They allow SQL injection or privilege escalation.

ProFTPD: Code injection via mod_sql possible

The FTP server ProFTPD includes a module called mod_sql. It contains an SQL injection vulnerability that can ultimately lead to the execution of injected code.