Sql Server Management Studio Security Vulnerabilities and Issues — Sql Server Management Studio CVE List

MicrosoftSql Server Management Studio

7 matches found

CVE•added 2025/04/12 1:32 a.m.•241 views

CVE-2025-29803

CVE-2025-29803 affects Microsoft Visual Studio Tools for Applications (VSTA) 2019 (before 16.0.35907.0) and VSTA 2022 (before 17.0.35906.0) and SQL Server Management Studio. The vulnerability is due to an uncontrolled search path element, enabling an authorized attacker to escalate privileges loc...

7.3CVSS7.4AI score0.00222EPSS

CVE•added 2020/08/17 7:13 p.m.•138 views

CVE-2020-1455

CVE-2020-1455 affects Microsoft SQL Server Management Studio (SSMS). Reports indicate a Denial of Service condition when SSMS improperly handles files. Exploitation requires initial access (execution on the target system). Public details from MSRC and corroborating third-party sources show the is...

5.5CVSS7AI score0.00813EPSS

CVE•added 2018/10/10 1:0 p.m.•110 views

CVE-2018-8533

CVE-2018-8533 affects Microsoft SQL Server Management Studio (SSMS) v17.9 and v18.0 (Preview 4). The vulnerability is an XML External Entity (XXE) information-disclosure flaw in the XML/XEL/XMLA parsing path, caused by external-entity references in crafted XML content. Exploitation requires user ...

5.5CVSS5.2AI score0.4785EPSS

CVE•added 2018/10/10 1:0 p.m.•97 views

CVE-2018-8532

Microsoft SQL Server Management Studio (SSMS) 17.9 and SSMS 18.0 (Preview 4) are affected by CVE-2018-8532 due to an XML External Entity (XXE) information-disclosure vulnerability when parsing a crafted XMLA file that references an external entity. The vulnerability enables disclosure of sensitiv...

5.5CVSS5.2AI score0.4785EPSS

CVE•added 2018/10/10 1:0 p.m.•90 views

CVE-2018-8527

CVE-2018-8527 (and related CVEs 2018-8532/8533) affect Microsoft SQL Server Management Studio (SSMS) 17.9 and 18.0 Preview 4. The root cause is an XML/XEL parsing flaw that allows XML External Entity (XXE) injection via a malicious XEL/XML/XMLA file, leading to information disclosure. Exploitatio...

5.5CVSS5.2AI score0.4785EPSS

Web

CVE•added 2019/10/10 1:28 p.m.•86 views

CVE-2019-1313

CVE-2019-1313 affects Microsoft SQL Server Management Studio (SSMS). Connected sources describe an information disclosure due to improper enforcement of permissions, enabling potential access to sensitive database/file information. Specifics across documents include affected SSMS versions (e.g., ...

6.5CVSS6.1AI score0.07571EPSS

CVE•added 2019/10/10 1:28 p.m.•75 views

CVE-2019-1376

CVE-2019-1376 describes an information disclosure vulnerability in Microsoft SQL Server Management Studio (SSMS) where permissions are not properly enforced. The connected documents do not provide concrete technical details about the affected component versions, root cause, impact, or remediation...

6.5CVSS6.1AI score0.07571EPSS