Sql Server@2016 Security Vulnerabilities and Issues — Sql Server@2016 CVE List

Lucene search

MicrosoftSql Server2016

4 matches found

CVE•added 2016/11/10 7:0 a.m.•561 views

CVE-2016-7250

Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."

8.8CVSS8.6AI score0.16567EPSS

CVE•added 2016/11/10 7:0 a.m.•351 views

CVE-2016-7252

Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Analysis Services Information Disclosure Vulnerability."

6.5CVSS7.2AI score0.21092EPSS

CVE•added 2016/11/10 7:0 a.m.•339 views

CVE-2016-7249

Microsoft SQL Server 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."

8.8CVSS8.6AI score0.16567EPSS

CVE•added 2016/11/10 7:0 a.m.•258 views

CVE-2016-7251

Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft SQL Server 2016 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "MDS API XSS Vulnerability."

6.1CVSS6.6AI score0.07631EPSS