Microsoft SQL Server 访问控制错误漏洞

Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is used under the Microsoft Windows system. An access control error vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to elevate privileges. The following products...

Microsoft SQL Server SQL注入漏洞

Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is applied under the Microsoft Windows system. A SQL injection vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to elevate privileges. The following products and...

PT-2025-32739 · Microsoft · Sql Server

Name of the Vulnerable Software and Affected Versions: SQL Server affected versions not specified Description: Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network. Recommendations: At the moment, there is no information about a newer version th...

PT-2025-32772

Name of the Vulnerable Software and Affected Versions: SQL Server affected versions not specified Description: The improper neutralization of special elements used in an SQL command 'SQL injection' in SQL Server allows an authorized attacker to elevate privileges over a network. Recommendations: ...

Security Updates for Microsoft SQL Server (August 2025)

The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - An elevation of privilege vulnerability. CVE-2025-53727 Note that Nessus has not tested for this issue but has instead relied only on the application...

Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to elevate privileges. The following products and versions are...

Microsoft SQL Server SQL注入漏洞

Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is applied under the Microsoft Windows system. A SQL injection vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to elevate privileges. The following products and...

Oracle MySQL Server Resource Management Error Vulnerability (CNVD-2025-17182)

Oracle MySQL Server is a relational database from Oracle Corporation. A resource management error vulnerability exists in Oracle MySQL Server that stems from improper access control of the Optimizer component and can be exploited by an attacker to cause a denial of service...

July Microsoft Patch Tuesday

July Microsoft Patch Tuesday. A total of 152 vulnerabilities - twice as many as in June. Of these, 15 vulnerabilities were added between the June and July MSPT. One vulnerability is exploited in the wild: Memory Corruption - Chromium CVE-2025-6554 One vulnerability has an exploit available on...

Patch Tuesday - July 2025

Microsoft is addressing 137 vulnerabilities this July 2025 Patch Tuesday, which is above average. Microsoft is aware of public disclosure for just one of the vulnerabilities published today, and Microsoft isn’t aware of in-the-wild exploitation for any of today’s batch. This is the tenth...

Security Updates for Microsoft SQL Server (July 2025) (Remote)

The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

CVE-2025-49719

Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network...

CVE-2025-49717

Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network...

CVE-2025-49718

Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network...

Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server

For the first time in 2025, Microsoft's Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but the company acknowledged one of the addressed flaws had been publicly known. The patches resolve a whopping 130 vulnerabilities, along with 10 other non-Microsoft CVEs th...

Microsoft Patch Tuesday, July 2025 Edition

Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft's most-dire "critical" rating, meaning they...

Vulnerabilities fixed in Microsoft SQL Server

Microsoft has fixed vulnerabilities in SQL Server. A malicious party could exploit the vulnerabilities to execute arbitrary code or gain access to sensitive data. Of the vulnerability with reference CVE-2025-49719, Microsoft says it has information that it has the attention of researchers on clos...

CVE-2025-49719

Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network...

CVE-2025-49719

Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network...

CVE-2025-49717

Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network...