4416 matches found
CVE-2020-0618
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'...
CVE-2010-1886
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2, and Windows 7 allow local users to gain privileges by leveraging access to a process with NetworkService credentials, as demonstrated by TAPI Server, SQL Server, and IIS processes...
CVE-2019-1332
A cross-site scripting XSS vulnerability exists when Microsoft SQL Server Reporting Services SSRS does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'...
CVE-2019-0819
An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions, aka 'Microsoft SQL Server Analysis Services Information Disclosure Vulnerability'...
CVE-2019-1313
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1376...
CVE-2019-1376
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1313...
CVE-2019-3619
Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator ePO 5.9.x and 5.10.0 prior to 5.10.0 update 4 allows remote unauthenticated attacker to view sensitive information in plain text via sniffing the traffic between the Agent Handler and the SQL server...
CVE-2013-3563
Stack-based buffer overflow in dbnetserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a crafted string to TCP port 8001...
CVE-2019-1068
A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'...
CVE-2012-4015
Cross-site scripting XSS vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry...
CVE-2002-1981
Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the 1 spMSSetServerProperties or 2 spMSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings...
UBUNTU-CVE-2025-30684
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
CVE-2025-29803
Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally...
CVE-2025-29803
Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally...
CVE-2025-29803
Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally...
CVE-2025-29803
CVE-2025-29803 affects Microsoft Visual Studio Tools for Applications (VSTA) 2019 (before 16.0.35907.0) and VSTA 2022 (before 17.0.35906.0) and SQL Server Management Studio. The vulnerability is due to an uncontrolled search path element, enabling an authorized attacker to escalate privileges loc...
CVE-2025-29803 Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability
...
CVE-2025-29803 Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability
...
Security Updates for SQL Server Management Studio (April 2025)
The SQL Server Management Studio installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2025-29803 %NASLMINLEVEL 70300 C Tenab...
Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability
Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally...