Lucene search

K
MicrosoftSql Server

231 matches found

CVE
CVE
added 2017/08/08 9:29 p.m.50423 views

CVE-2017-8516

Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly enforces permissions, aka "Microsoft SQL Server Analysis Services Information Disclosure Vulnerability".

7.5CVSS7.1AI score0.01089EPSS
CVE
CVE
added 2021/01/12 8:15 p.m.4568 views

CVE-2021-1636

Microsoft SQL Elevation of Privilege Vulnerability

8.8CVSS8.8AI score0.02889EPSS
CVE
CVE
added 2015/07/14 11:59 p.m.3023 views

CVE-2015-1763

Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 does not prevent use of uninitialized memory in certain attempts to execute virtual functions, which allows remote authenticated users to execute arbitrary code via a crafted query, aka "SQL Server Remote Code Ex...

8.5CVSS8AI score0.10746EPSS
CVE
CVE
added 2023/04/11 9:15 p.m.2802 views

CVE-2023-23384

Microsoft SQL Server Remote Code Execution Vulnerability

7.3CVSS7.6AI score0.00795EPSS
CVE
CVE
added 2019/07/15 7:15 p.m.1980 views

CVE-2019-1068

A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'.

8.8CVSS8.9AI score0.42689EPSS
CVE
CVE
added 2023/02/14 8:15 p.m.1491 views

CVE-2023-21713

Microsoft SQL Server Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.00434EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.1418 views

CVE-2020-0618

A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.

8.8CVSS8.5AI score0.94252EPSS
CVE
CVE
added 2022/06/15 10:15 p.m.1249 views

CVE-2022-29143

Microsoft SQL Server Remote Code Execution Vulnerability

7.5CVSS7.9AI score0.00705EPSS
CVE
CVE
added 2012/08/15 1:55 a.m.1183 views

CVE-2012-1856

The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce ...

9.3CVSS7.9AI score0.91953EPSS
CVE
CVE
added 2023/08/08 6:15 p.m.1173 views

CVE-2023-38169

Microsoft SQL OLE DB Remote Code Execution Vulnerability

8.8CVSS9AI score0.00379EPSS
CVE
CVE
added 2023/10/10 6:15 p.m.1048 views

CVE-2023-36785

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8CVSS8.1AI score0.00566EPSS
CVE
CVE
added 2019/05/16 7:29 p.m.956 views

CVE-2019-0819

An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions, aka 'Microsoft SQL Server Analysis Services Information Disclosure Vulnerability'.

6.5CVSS6.1AI score0.06012EPSS
CVE
CVE
added 2023/02/14 8:15 p.m.854 views

CVE-2023-21705

Microsoft SQL Server Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.00566EPSS
CVE
CVE
added 2015/07/14 11:59 p.m.819 views

CVE-2015-1762

Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014, when transactional replication is configured, does not prevent use of uninitialized memory in unspecified function calls, which allows remote authenticated users to execute arbitrary code by leveraging certain p...

7.1CVSS8AI score0.02025EPSS
CVE
CVE
added 2018/08/15 5:29 p.m.713 views

CVE-2018-8273

A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka "Microsoft SQL Server Remote Code Execution Vulnerability." This affects Microsoft SQL Server.

10CVSS9.8AI score0.11848EPSS
CVE
CVE
added 2023/02/14 8:15 p.m.698 views

CVE-2023-21528

Microsoft SQL Server Remote Code Execution Vulnerability

7.8CVSS8AI score0.00135EPSS
CVE
CVE
added 2023/10/10 6:15 p.m.675 views

CVE-2023-36728

Microsoft SQL Server Denial of Service Vulnerability

5.5CVSS5.9AI score0.0008EPSS
CVE
CVE
added 2024/01/09 6:15 p.m.576 views

CVE-2024-0056

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

8.7CVSS9.1AI score0.00346EPSS
CVE
CVE
added 2016/11/10 7:0 a.m.559 views

CVE-2016-7250

Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."

8.8CVSS8.6AI score0.16567EPSS
CVE
CVE
added 2023/10/10 6:15 p.m.558 views

CVE-2023-36417

Microsoft SQL OLE DB Remote Code Execution Vulnerability

7.8CVSS8AI score0.00433EPSS
CVE
CVE
added 2023/02/14 8:15 p.m.555 views

CVE-2023-21718

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8CVSS8AI score0.00408EPSS
CVE
CVE
added 2022/02/09 5:15 p.m.545 views

CVE-2022-23276

SQL Server for Linux Containers Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00159EPSS
CVE
CVE
added 2023/06/16 1:15 a.m.478 views

CVE-2023-29349

Microsoft ODBC and OLE DB Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00554EPSS
CVE
CVE
added 2023/02/14 8:15 p.m.464 views

CVE-2023-21704

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8CVSS8AI score0.0029EPSS
CVE
CVE
added 2023/10/10 6:15 p.m.461 views

CVE-2023-36730

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8CVSS8.1AI score0.00532EPSS
CVE
CVE
added 2023/06/16 1:15 a.m.459 views

CVE-2023-32027

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8CVSS8.1AI score0.01131EPSS
CVE
CVE
added 2023/10/10 6:15 p.m.458 views

CVE-2023-36420

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8CVSS8.1AI score0.00433EPSS
CVE
CVE
added 2023/06/16 1:15 a.m.452 views

CVE-2023-32025

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8CVSS8.1AI score0.01131EPSS
CVE
CVE
added 2023/06/16 1:15 a.m.439 views

CVE-2023-32028

Microsoft SQL OLE DB Remote Code Execution Vulnerability

7.8CVSS8.2AI score0.01043EPSS
CVE
CVE
added 2023/06/16 1:15 a.m.417 views

CVE-2023-32026

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8CVSS8.1AI score0.01131EPSS
CVE
CVE
added 2023/06/16 1:15 a.m.415 views

CVE-2023-29356

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8CVSS8.1AI score0.00555EPSS
CVE
CVE
added 2016/11/10 7:0 a.m.410 views

CVE-2016-7253

The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Server Agent Elevation of Privilege Vulnerability."

8.8CVSS8.6AI score0.18223EPSS
CVE
CVE
added 2015/07/14 11:59 p.m.387 views

CVE-2015-1761

Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka "SQL Server Elevation of Privilege Vulnerability."

6.5CVSS7.1AI score0.08421EPSS
CVE
CVE
added 2024/09/10 5:15 p.m.383 views

CVE-2024-37341

Microsoft SQL Server Elevation of Privilege Vulnerability

9.8CVSS9.3AI score0.08702EPSS
CVE
CVE
added 2014/08/12 9:55 p.m.382 views

CVE-2014-1820

Cross-site scripting (XSS) vulnerability in Master Data Services (MDS) in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "SQL Master Data Services XSS Vulnerability."

4.3CVSS5.4AI score0.1954EPSS
CVE
CVE
added 2024/07/09 5:15 p.m.357 views

CVE-2024-38088

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

8.8CVSS9AI score0.07032EPSS
CVE
CVE
added 2016/11/10 7:0 a.m.351 views

CVE-2016-7252

Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Analysis Services Information Disclosure Vulnerability."

6.5CVSS7.2AI score0.21092EPSS
CVE
CVE
added 2016/11/10 7:0 a.m.339 views

CVE-2016-7249

Microsoft SQL Server 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."

8.8CVSS8.6AI score0.16567EPSS
CVE
CVE
added 2024/04/09 5:16 p.m.294 views

CVE-2024-29985

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

8.8CVSS9AI score0.02216EPSS
CVE
CVE
added 2024/11/12 6:15 p.m.284 views

CVE-2024-38255

SQL Server Native Client Remote Code Execution Vulnerability

8.8CVSS9AI score0.04558EPSS
CVE
CVE
added 2012/10/09 9:55 p.m.280 views

CVE-2012-2552

Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Reflected ...

4.3CVSS5.6AI score0.57732EPSS
CVE
CVE
added 2024/04/09 5:15 p.m.278 views

CVE-2024-28929

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

8.8CVSS9AI score0.01297EPSS
CVE
CVE
added 2016/11/10 7:0 a.m.258 views

CVE-2016-7251

Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft SQL Server 2016 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "MDS API XSS Vulnerability."

6.1CVSS6.6AI score0.07631EPSS
CVE
CVE
added 2024/04/09 5:15 p.m.251 views

CVE-2024-28931

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

8.8CVSS9AI score0.01297EPSS
CVE
CVE
added 2024/04/09 5:15 p.m.236 views

CVE-2024-28943

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

8.8CVSS9AI score0.01629EPSS
CVE
CVE
added 2024/04/09 5:15 p.m.236 views

CVE-2024-29048

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

8.8CVSS9AI score0.01643EPSS
CVE
CVE
added 2024/04/09 5:15 p.m.229 views

CVE-2024-28906

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

8.8CVSS9AI score0.01643EPSS
CVE
CVE
added 2024/04/09 5:15 p.m.229 views

CVE-2024-28930

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

8.8CVSS9AI score0.01297EPSS
CVE
CVE
added 2024/04/09 5:15 p.m.226 views

CVE-2024-28911

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

8.8CVSS9AI score0.01643EPSS
CVE
CVE
added 2024/04/09 5:16 p.m.226 views

CVE-2024-29983

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

8.8CVSS9AI score0.0298EPSS
Total number of security vulnerabilities231