Total
97 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-21718 | 1 Microsoft | 1 Sql Server | 2023-02-23 | N/A | 7.8 HIGH |
Microsoft SQL ODBC Driver Remote Code Execution Vulnerability | |||||
CVE-2023-21705 | 1 Microsoft | 1 Sql Server | 2023-02-23 | N/A | 8.8 HIGH |
Microsoft SQL Server Remote Code Execution Vulnerability | |||||
CVE-2023-21528 | 1 Microsoft | 1 Sql Server | 2023-02-23 | N/A | 7.8 HIGH |
Microsoft SQL Server Remote Code Execution Vulnerability | |||||
CVE-2023-21713 | 1 Microsoft | 1 Sql Server | 2023-02-23 | N/A | 8.8 HIGH |
Microsoft SQL Server Remote Code Execution Vulnerability | |||||
CVE-2023-21704 | 1 Microsoft | 1 Sql Server | 2023-02-23 | N/A | 7.8 HIGH |
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
CVE-2017-8516 | 1 Microsoft | 1 Sql Server | 2022-10-26 | 5.0 MEDIUM | 7.5 HIGH |
Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly enforces permissions, aka "Microsoft SQL Server Analysis Services Information Disclosure Vulnerability". | |||||
CVE-2022-29143 | 1 Microsoft | 1 Sql Server | 2022-06-24 | 6.0 MEDIUM | 7.5 HIGH |
Microsoft SQL Server Remote Code Execution Vulnerability. | |||||
CVE-2022-23276 | 2 Linux, Microsoft | 2 Linux Kernel, Sql Server | 2022-02-14 | 4.6 MEDIUM | 7.8 HIGH |
SQL Server for Linux Containers Elevation of Privilege Vulnerability. | |||||
CVE-2020-0618 | 1 Microsoft | 1 Sql Server | 2022-01-01 | 6.5 MEDIUM | 8.8 HIGH |
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'. | |||||
CVE-2018-8273 | 1 Microsoft | 1 Sql Server | 2021-09-13 | 10.0 HIGH | 9.8 CRITICAL |
A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka "Microsoft SQL Server Remote Code Execution Vulnerability." This affects Microsoft SQL Server. | |||||
CVE-2002-0057 | 1 Microsoft | 4 Internet Explorer, Sql Server, Windows Xp and 1 more | 2021-07-23 | 5.0 MEDIUM | N/A |
XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source. | |||||
CVE-2008-3013 | 1 Microsoft | 13 Digital Image Suite, Forefront Client Security, Internet Explorer and 10 more | 2021-07-23 | 9.3 HIGH | N/A |
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability." | |||||
CVE-2021-1636 | 1 Microsoft | 1 Sql Server | 2021-01-14 | 6.5 MEDIUM | 8.8 HIGH |
Microsoft SQL Elevation of Privilege Vulnerability | |||||
CVE-2019-0819 | 1 Microsoft | 1 Sql Server | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions, aka 'Microsoft SQL Server Analysis Services Information Disclosure Vulnerability'. | |||||
CVE-2019-1068 | 1 Microsoft | 1 Sql Server | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'. | |||||
CVE-2001-0509 | 1 Microsoft | 4 Exchange Server, Sql Server, Windows 2000 and 1 more | 2020-04-02 | 5.0 MEDIUM | N/A |
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. | |||||
CVE-2001-0879 | 1 Microsoft | 4 Sql Server, Windows 2000, Windows Nt and 1 more | 2019-04-30 | 5.0 MEDIUM | N/A |
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service. | |||||
CVE-2002-0224 | 1 Microsoft | 3 Internet Information Services, Sql Server, Windows 2000 | 2019-04-30 | 5.0 MEDIUM | N/A |
The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service (crash or hang) via malformed (random) input. | |||||
CVE-2008-0085 | 1 Microsoft | 7 Data Engine, Sql Server, Sql Server Desktop Engine and 4 more | 2019-02-27 | 5.0 MEDIUM | N/A |
SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating memory, which allows database operators to obtain sensitive information (database contents) via unknown vectors related to memory page reuse. | |||||
CVE-2008-0107 | 1 Microsoft | 8 Data Engine, Sql Server, Sql Server Desktop Engine and 5 more | 2019-02-26 | 9.0 HIGH | N/A |
Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory Corruption Vulnerability." |