71 matches found
CVE-2021-1636
Microsoft SQL Elevation of Privilege Vulnerability...
PT-2021-1604 · Microsoft · Sql Server
Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server affected versions not specified Description: The issue is related to insufficient input validation in Microsoft SQL Server, which can be exploited by a remote attacker to execute arbitrary code. This is an...
KB3162659 - Cumulative Update 7 for SQL Server 2014 SP1
KB3162659 - Cumulative Update 7 for SQL Server 2014 SP1 This article describes cumulative update package 7 build number: 12.0.4459.0 for Microsoft SQL Server 2014 Service Pack 1 SP1. This update contains fixes that were released after the release of SQL Server 2014 SP1. Cumulative update Cumulati...
The vulnerability of the Microsoft SQL Server relational database management system, related to insufficient validation of input data, allows attackers to execute arbitrary code.
The vulnerability of the Microsoft SQL Server relational database management system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
CVE-2019-10123
SQL Injection in Advanced InfoData Systems AIS ESEL-Server 67 which is the backend for the AIS logistics mobile app allows an anonymous attacker to execute arbitrary code in the context of the user of the MSSQL database. The default user for the database is the 'sa' user...
The vulnerability of the Microsoft SQL Server Management Studio database management system, related to errors in XML references to external objects (XXE), allows for the disclosure of sensitive information.
The vulnerability of the Microsoft SQL Server Management Studio database management system is related to errors in XML references to external objects XXE. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose sensitive information using a specially crafted file...
CVE-2016-7253
The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Server Agent Elevation of Privilege Vulnerability."...
CVE-2016-7252
Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Analysis Services Information Disclosure Vulnerability."...
Microsoft SQL Server Information Disclosure Vulnerability
Microsoft SQL Server is the United States Microsoft Microsoft company develops and maintains a set of applications in the Microsoft Windows system under the large commercial database system. An information disclosure vulnerability exists in Microsoft SQL Server. An attacker can exploit the...
SQL Server 2022 RTM Cumulative Update (CU) 23 KB5078297
SQL Server 2022 RTM Cumulative Update CU 23 KB5078297...
SQL Server 2019 RTM Cumulative Update (CU) 13 KB5005679
SQL Server 2019 RTM Cumulative Update CU 13 KB5005679...