CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2025/12/02 9:15 p.m.•8 views

CVE-2025-62575

8.8CVSS0.00353EPSS

NVD•added 2025/12/02 9:15 p.m.•15 views

CVE-2025-64298

NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are exposed in the Windows share accessed by clients in networked installs. By default, this directory has insecure directory paths that allow access to the SQL Server database and...

8.6CVSS0.00201EPSS

Cvelist•added 2025/12/02 9:5 p.m.•7 views

CVE-2025-64298 Mirion Medical EC2 Software NMIS BioDose Incorrect Permission Assignment for Critical Resource

8.6CVSS0.00201EPSS

Vulnrichment•added 2025/12/02 9:5 p.m.•5 views

CVE-2025-64298 Mirion Medical EC2 Software NMIS BioDose Incorrect Permission Assignment for Critical Resource

8.6CVSS6.9AI score0.00201EPSS

Metasploit•added 2025/11/24 6:58 p.m.•345 views

Microsoft Windows SMB to MSSQL Relay

This module supports running an SMB server which validates credentials, and then attempts to execute a relay attack against an MSSQL server on the configured RHOSTS hosts. If the relay succeeds, an MSSQL session to the target will be created. This can be used by any modules that support MSSQL...

6.1AI score

Krebs on Security•added 2025/11/16 9:47 p.m.•12 views

Microsoft Patch Tuesday, November 2025 Edition

Microsoft this week pushed security updates to fix more than 60 vulnerabilities in its Windows operating systems and supported software, including at least one zero-day bug that is already being exploited. Microsoft also fixed a glitch that prevented some Windows 10 users from taking advantage of...

7.8CVSS7AI score0.061EPSS

Exploits6

Tenable Nessus•added 2025/11/14 12:0 a.m.•10 views

Security Updates for Microsoft SQL Server (November 2025)

The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected a vulnerability: - Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS6AI score0.01114EPSS

Exploits0References9

Qualys Blog•added 2025/11/11 7:47 p.m.•10 views

Microsoft Patch Tuesday, November 2025 Security Update Review

Microsoft released its November Patch Tuesday Security Updates. Here's a quick breakdown of what you need to know. Microsoft Patch Tuesday for November 2025 This month's release addresses 68 vulnerabilities, including five critical and 59 important-severity vulnerabilities. In this month's update...

9.8CVSS8.8AI score0.061EPSS

Exploits8

NCSC•added 2025/11/11 6:34 p.m.•7 views

Vulnerability fixed in Microsoft SQL Server

Microsoft has fixed a vulnerability in SQL Server. An authenticated malicious party can exploit the vulnerability to use specially prepared SQL statements SQL Injection to grant themselves elevated privileges and thus gain access to sensitive information that the malicious party is not initially...

NVD•added 2025/11/11 6:15 p.m.•5 views

CVE-2025-59499

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS0.01114EPSS

Vulnrichment•added 2025/11/11 5:59 p.m.•5 views

CVE-2025-59499 Microsoft SQL Server Elevation of Privilege Vulnerability

...

8.8CVSS6.6AI score0.01114EPSS

CVE•added 2025/11/11 5:59 p.m.•56 views

CVE-2025-59499

CVE-2025-59499 is a Microsoft SQL Server Elevation of Privilege vulnerability caused by improper neutralization of special elements in SQL commands (SQL injection). Exploitation could allow an authenticated attacker to elevate privileges over the network without user interaction. The CVE is addre...

8.8CVSS5.9AI score0.01114EPSS

Exploits0References1Affected Software4

Cvelist•added 2025/11/11 5:59 p.m.•8 views

CVE-2025-59499 Microsoft SQL Server Elevation of Privilege Vulnerability

...

8.8CVSS0.01114EPSS

Microsoft KB•added 2025/11/11 8:0 a.m.•14 views

KB5068404 - Description of the security update for SQL Server 2019 CU32: November 11, 2025

KB5068404 - Description of the security update for SQL Server 2019 CU32: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information File information...

Microsoft KB•added 2025/11/11 8:0 a.m.•17 views

KB5068403 - Description of the security update for SQL Server 2017 GDR: November 11, 2025

KB5068403 - Description of the security update for SQL Server 2017 GDR: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contains...

Microsoft KB•added 2025/11/11 8:0 a.m.•17 views

KB5068402 - Description of the security update for SQL Server 2017 CU31: November 11, 2025

KB5068402 - Description of the security update for SQL Server 2017 CU31: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contains...

Microsoft KB•added 2025/11/11 8:0 a.m.•25 views

KB5068401 - Description of the security update for SQL Server 2016 SP3 GDR: November 11, 2025

KB5068401 - Description of the security update for SQL Server 2016 SP3 GDR: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contai...