Lucene search
+L
MicrosoftSql Server 2016

8 matches found

CVE
CVE
added 2024/11/12 5:54 p.m.161 views

CVE-2024-49021

CVE-2024-49021 is a Microsoft SQL Server Remote Code Execution vulnerability. Public documents identify the affected component as SQL Server (server-side) with the CVE labeled as a remote code execution issue. The vulnerability is described with a high impact on confidentiality, integrity, and av...

7.8CVSS8AI score0.00736EPSS
CVE
CVE
added 2025/07/08 4:57 p.m.147 views

CVE-2025-49719

CVE-2025-49719 is an information-disclosure vulnerability in Microsoft SQL Server reported as an information disclosure due to improper input validation. Public sources indicate it affects SQL Server versions dating back to 2016 and is being addressed by Microsoft with security updates; specific ...

7.5CVSS6.7AI score0.1017EPSS
CVE
CVE
added 2026/04/14 4:57 p.m.127 views

CVE-2026-32167

CVE-2026-32167 is a SQL Server Elevation of Privilege vulnerability caused by improper neutralization of input in SQL commands. An authorized local attacker could elevate privileges. Microsoft security updates address this CVE (e.g., KB5084815/KB5084816 for SQL Server 2022/2019 CU releases; relat...

7.8CVSS5.8AI score0.00299EPSS
CVE
CVE
added 2024/11/12 5:53 p.m.116 views

CVE-2024-49043

CVE-2024-49043 is a remote code execution vulnerability in Microsoft.SqlServer.XEvent.Configuration.dll. Connected advisories tie this CVE to SQL Server ecosystems, listing it among a pattern of SQL Server Native Client/XEvent vulnerabilities fixed by November 2024 security updates (KB5046858 for...

7.8CVSS7.8AI score0.00589EPSS
CVE
CVE
added 2026/04/14 4:58 p.m.112 views

CVE-2026-32176

CVE-2026-32176 arises from improper neutralization of input in SQL Server, enabling an authorized local user to elevate privileges. Connected sources confirm this is one of multiple SQL Server elevation-of-privilege issues addressed in the Microsoft April 2026 security updates (e.g., KB5084815 fo...

7.8CVSS5.8AI score0.0025EPSS
CVE
CVE
added 2024/09/10 4:53 p.m.96 views

CVE-2024-37337

CVE-2024-37337 corresponds to a Microsoft SQL Server Native Scoring Information Disclosure vulnerability. Public references in connected documents confirm information disclosure as the impact vector, with exploitation likely via SQL Server components, and remediation via Sept 2024 security update...

7.1CVSS5.8AI score0.0166EPSS
CVE
CVE
added 2024/09/10 4:53 p.m.96 views

CVE-2024-37342

CVE-2024-37342 is a Microsoft SQL Server information-disclosure vulnerability in the SQL Server Native Scoring/Machine Learning components. Public details across connected documents confirm: affected software includes SQL Server 2017 (GDR) and SQL Server 2022 CU14 builds; the issue is tracked as ...

7.1CVSS5.8AI score0.0166EPSS
CVE
CVE
added 5 days ago31 views

CVE-2026-47296

CVE-2026-47296 is an elevation-of-privilege vulnerability in Microsoft SQL Server caused by improper neutralization of special elements used in a SQL command (SQL injection). An authorized attacker operating locally with low privileges and no user interaction can escalate privileges (impacting co...

7.8CVSS6AI score0.00232EPSS