Lucene search
K
MicrosoftSql Server 2022

109 matches found

CVE
CVE
added 2026/01/13 5:56 p.m.73 views

CVE-2026-20803

CVE-2026-20803 is a Microsoft SQL Server elevation of privilege vulnerability. The issue allows an authenticated attacker to gain elevated privileges on the SQL Server instance over a network, due to missing authentication for a critical function. Connected advisories confirm exploitation risk an...

7.2CVSS7.3AI score0.01242EPSS
CVE
CVE
added 2026/03/10 5:4 p.m.68 views

CVE-2026-21262

CVE-2026-21262 affects Microsoft SQL Server and is a privilege-escalation vulnerability caused by improper access control. An authorized, network-present attacker with low privileges can elevate to sysadmin, potentially reading/changing data, creating accounts, or altering configurations, as desc...

8.8CVSS5.8AI score0.02044EPSS
In wild
CVE
CVE
added 2025/11/11 5:59 p.m.63 views

CVE-2025-59499

CVE-2025-59499 is a Microsoft SQL Server Elevation of Privilege vulnerability caused by improper neutralization of special elements in SQL commands (SQL injection). Exploitation could allow an authenticated attacker to elevate privileges over the network without user interaction. The CVE is addre...

8.8CVSS5.9AI score0.01114EPSS
CVE
CVE
added 2026/03/10 5:5 p.m.60 views

CVE-2026-26116

CVE-2026-26116 is a SQL Server Elevation of Privilege vulnerability due to improper neutralization of special elements in SQL commands. Affected product: Microsoft SQL Server (SQL Server 2025 GDR) with potential network‑based exploitation and high impact (CVE-2026-26116). The issue is mitigated b...

8.8CVSS5.8AI score0.01191EPSS
CVE
CVE
added 2025/07/08 4:58 p.m.59 views

CVE-2025-49718

CVE-2025-49718 is a Microsoft SQL Server information-disclosure vulnerability described as “Use of uninitialized resource in SQL Server” that could allow an attacker to disclose information over the network. Connected sources confirm this CVE is addressed by Microsoft security updates and fixes i...

7.5CVSS6.7AI score0.02774EPSS
CVE
CVE
added 2025/08/12 5:9 p.m.48 views

CVE-2025-53727

CVE-2025-53727 is an Elevation of Privilege vulnerability in Microsoft SQL Server tied to improper neutralization of SQL elements (SQL injection). Publicly referenced fixes are included in SQL Server 2017 CU31 (build 14.0.3500.1) per KB5063759 and related security updates, and in SQL Server 2017 ...

8.8CVSS7.8AI score0.01017EPSS
CVE
CVE
added 2025/09/09 5:1 p.m.46 views

CVE-2025-55227

CVE-2025-55227 is an Elevation of Privilege vulnerability in Microsoft SQL Server caused by improper neutralization of special elements in a command (command injection). The CVE entry notes that an authenticated, network-connected attacker can leverage this to elevate privileges. Microsoft adviso...

8.8CVSS7.1AI score0.01249EPSS
CVE
CVE
added 2025/08/12 5:9 p.m.42 views

CVE-2025-49759

CVE-2025-49759 is a Microsoft SQL Server Elevation of Privilege vulnerability arising from improper neutralization of input used in SQL commands (SQL injection) in system procedures. An authenticated attacker could exploit this over a network to elevate privileges within the affected SQL Server d...

8.8CVSS7.8AI score0.01029EPSS
CVE
CVE
added 2025/08/12 5:10 p.m.33 views

CVE-2025-47954

CVE-2025-47954 is a Microsoft SQL Server elevation-of-privilege vulnerability arising from improper neutralization of special elements in SQL commands (SQL injection). It affects SQL Server components where an attacker, leveraging network access and with low privileges, can achieve total privileg...

8.8CVSS7.8AI score0.01355EPSS
Total number of security vulnerabilities109