12 matches found
CVE-2021-1636
Technical details about CVE-2021-1636 are not publicly provided in the supplied documents. Please monitor for updates from official sources for affected products, vulnerable components, impact, and remediation.
CVE-2023-23384
CVE-2023-23384 is described in the connected documents as a Microsoft SQL Server remote code execution vulnerability reachable over the network. Nessus plugin entries for April 2023 (SMB_NT_MS23_APR_MSSQL_REMOTE.NASL and SMB_NT_MS23_APR_MSSQL.NASL) confirm a remote code execution issue, with self...
CVE-2019-1068
CVE-2019-1068 is a remote code execution vulnerability in Microsoft SQL Server triggered by incorrect handling of internal functions. The CVE is publicly documented with CVSS2/3 scores (6.5/8.8) and is linked to Microsoft security updates KB4505222/KB4505224 (and related KBs) addressing SQL Serve...
CVE-2023-21713
CVE-2023-21713 is a Microsoft SQL Server remote code execution vulnerability. The CVE is addressed in the February 2023 security updates for SQL Server 2019/GDR (KB5021125) and related KBs, which list CVE-2023-21713 among addressed issues. The vulnerability affects SQL Server components and is mi...
CVE-2022-29143
CVE-2022-29143 describes a remote code execution vulnerability in Microsoft SQL Server where a specially crafted query against a table with a Column Store index can corrupt memory. Public details in the connected sources indicate exploitation could occur through authenticated access over network,...
CVE-2023-21705
CVE-2023-21705 is a Microsoft SQL Server remote code execution vulnerability. Public documents indicate the issue is addressed in security updates for SQL Server 2019 GDR (KB5021125) which fixes multiple CVEs including CVE-2023-21705; the update targets SQL Server 2019 and brings the product to b...
CVE-2018-8273
CVE-2018-8273 is a buffer overflow vulnerability in Microsoft SQL Server that could allow remote code execution. Public details identify affected products as Microsoft SQL Server (notably SQL Server 2016/2017 families) with exploitation described as requiring the ability to execute SQL queries ag...
CVE-2019-0819
CVE-2019-0819 is an information-disclosure vulnerability in Microsoft SQL Server Analysis Services where metadata permissions are not enforced correctly. Exploitation requires credentials to access an affected Analysis Services database, potentially leaking restricted data due to flaws in Object-...
CVE-2023-21528
CVE-2023-21528 is a Microsoft SQL Server Remote Code Execution vulnerability. In SQL Server 2008 R2 SP3 GDR, updates described in KB5021112 fix CVE-2023-21528 (builds including SQLServer2008R2-KB5021112-x64.exe, version 10.50.6785.2). In SQL Server 2019, fixes are included in KB5021125 (build: SQ...
CVE-2023-36728
CVE-2023-36728 is a Denial-of-Service vulnerability impacting Microsoft SQL Server components. Public references in the supplied documents describe DoS impact from a malformed TDS packet/login handling that can lead to unavailability or undefined behavior, as cited in the October 2023 security up...
CVE-2023-21718
Technical details for CVE-2023-21718 are not provided in the supplied documents; no specific affected products, versions, impact, or fixes are listed here. Monitor for updates.
CVE-2023-21704
CVE-2023-21704 is a vulnerability in the Microsoft ODBC Driver for SQL Server that enables remote code execution. Microsoft’s security update KB5021126 addresses CVE-2023-21704 as part of a CU/patch bundle, updating the ODBC driver component used by SQL Server connectivity. The documented impact ...