Sql Server@2019 Security Vulnerabilities and Issues — Sql Server@2019 CVE List

MicrosoftSql Server2019

21 matches found

CVE•added 2021/01/12 7:41 p.m.•4814 views

CVE-2021-1636

Technical details about CVE-2021-1636 are not publicly provided in the supplied documents. Please monitor for updates from official sources for affected products, vulnerable components, impact, and remediation.

8.8CVSS8.8AI score0.06153EPSS

In wild

CVE•added 2023/04/11 7:13 p.m.•2927 views

CVE-2023-23384

CVE-2023-23384 is described in the connected documents as a Microsoft SQL Server remote code execution vulnerability reachable over the network. Nessus plugin entries for April 2023 (SMB_NT_MS23_APR_MSSQL_REMOTE.NASL and SMB_NT_MS23_APR_MSSQL.NASL) confirm a remote code execution issue, with self...

7.3CVSS7.6AI score0.00871EPSS

CVE•added 2023/08/08 5:8 p.m.•2055 views

CVE-2023-38169

CVE-2023-38169 is a Microsoft SQL OLE DB Remote Code Execution vulnerability. Public sources confirm the issue affects Microsoft SQL OLE DB/ODBC components (e.g., OLE DB Driver for SQL Server and SQL Server client libraries) and can be exploited remotely via a network to run code with high impact...

8.8CVSS9AI score0.01221EPSS

CVE•added 2023/02/14 7:33 p.m.•1896 views

CVE-2023-21713

CVE-2023-21713 is a Microsoft SQL Server remote code execution vulnerability. The CVE is addressed in the February 2023 security updates for SQL Server 2019/GDR (KB5021125) and related KBs, which list CVE-2023-21713 among addressed issues. The vulnerability affects SQL Server components and is mi...

8.8CVSS9.3AI score0.01755EPSS

CVE•added 2022/06/15 9:51 p.m.•1350 views

CVE-2022-29143

CVE-2022-29143 describes a remote code execution vulnerability in Microsoft SQL Server where a specially crafted query against a table with a Column Store index can corrupt memory. Public details in the connected sources indicate exploitation could occur through authenticated access over network,...

7.5CVSS7.9AI score0.01961EPSS

CVE•added 2023/10/10 5:8 p.m.•1133 views

CVE-2023-36785

Technical details about CVE-2023-36785 are not publicly provided in the supplied documents; monitor for updates from official advisories and vendor feeds.

7.8CVSS8.1AI score0.01056EPSS

CVE•added 2023/02/14 7:32 p.m.•1054 views

CVE-2023-21705

CVE-2023-21705 is a Microsoft SQL Server remote code execution vulnerability. Public documents indicate the issue is addressed in security updates for SQL Server 2019 GDR (KB5021125) which fixes multiple CVEs including CVE-2023-21705; the update targets SQL Server 2019 and brings the product to b...

8.8CVSS9.3AI score0.01113EPSS

CVE•added 2023/02/14 7:32 p.m.•838 views

CVE-2023-21528

CVE-2023-21528 is a Microsoft SQL Server Remote Code Execution vulnerability. In SQL Server 2008 R2 SP3 GDR, updates described in KB5021112 fix CVE-2023-21528 (builds including SQLServer2008R2-KB5021112-x64.exe, version 10.50.6785.2). In SQL Server 2019, fixes are included in KB5021125 (build: SQ...

7.8CVSS8AI score0.00393EPSS

CVE•added 2023/10/10 5:7 p.m.•785 views

CVE-2023-36728

CVE-2023-36728 is a Denial-of-Service vulnerability impacting Microsoft SQL Server components. Public references in the supplied documents describe DoS impact from a malformed TDS packet/login handling that can lead to unavailability or undefined behavior, as cited in the October 2023 security up...

5.5CVSS5.9AI score0.00851EPSS

CVE•added 2023/02/14 7:32 p.m.•647 views

CVE-2023-21718

Technical details for CVE-2023-21718 are not provided in the supplied documents; no specific affected products, versions, impact, or fixes are listed here. Monitor for updates.

7.8CVSS8AI score0.0074EPSS

CVE•added 2023/10/10 5:8 p.m.•623 views

CVE-2023-36417

CVE-2023-36417 is a Remote Code Execution vulnerability affecting the Microsoft SQL Server OLE DB Driver. The Nessus entries and Microsoft advisories indicate an RCE in the SQL OLE DB component that can enable authentication bypass and arbitrary command execution. The issue has been addressed in ...

7.8CVSS8AI score0.00982EPSS

CVE•added 2022/02/09 4:37 p.m.•597 views

CVE-2022-23276

CVE-2022-23276 is a local privilege-escalation vulnerability affecting SQL Server 2019 on Linux container images . Connected sources confirm the issue resides in the Linux container deployment, not in SQL Server on bare metal/VM, and is specific to the container image lifecycle. The vulnerability...

7.8CVSS8AI score0.00525EPSS

CVE•added 2023/02/14 7:32 p.m.•530 views

CVE-2023-21704

CVE-2023-21704 is a vulnerability in the Microsoft ODBC Driver for SQL Server that enables remote code execution. Microsoft’s security update KB5021126 addresses CVE-2023-21704 as part of a CU/patch bundle, updating the ODBC driver component used by SQL Server connectivity. The documented impact ...

7.8CVSS8AI score0.00393EPSS

CVE•added 2023/10/10 5:7 p.m.•529 views

CVE-2023-36730

CVE-2023-36730 affects the Microsoft SQL Server ODBC Driver. The vulnerability is described as a Remote Code Execution issue in the ODBC Driver component; root cause details are not explicitly provided in the documents beyond the vulnerability family. Microsoft’s October 2023 security updates (KB...

7.8CVSS8.1AI score0.01034EPSS

CVE•added 2023/06/16 12:44 a.m.•520 views

CVE-2023-29349

CVE-2023-29349 concerns Microsoft ODBC and OLE DB components (SQL Server ODBC Driver and OLE DB Driver) enabling remote code execution. The vulnerability arises from improper handling in the ODBC/OLE DB stack, with an attack vector described as LOCAL and requiring user interaction, resulting in h...

7.8CVSS7.9AI score0.00603EPSS

CVE•added 2023/06/16 12:44 a.m.•516 views

CVE-2023-32027

CVE-2023-32027 is a vulnerability in the Microsoft ODBC Driver for SQL Server that enables remote code execution. Public sources describe exploitation that requires the attacker to lure the victim via a rogue SQL server, with the driver client on the affected workstation executing code. The vulne...

7.8CVSS8.1AI score0.00603EPSS

CVE•added 2023/10/10 5:8 p.m.•514 views

CVE-2023-36420

CVE-2023-36420 is an in-scope vulnerability affecting the Microsoft SQL Server ODBC Driver, described in connected sources as a Remote Code Execution vulnerability. Public details confirm the affected component is the ODBC Driver for SQL Server and that the issue is addressed by Microsoft securit...

7.8CVSS8.1AI score0.00982EPSS

CVE•added 2023/06/16 12:44 a.m.•494 views

CVE-2023-32028

CVE-2023-32028 – Microsoft SQL OLE DB Remote Code Execution Vulnerability affects the Microsoft OLE DB Driver for SQL Server (OLE DB Driver 19 for SQL Server, 18 for SQL Server) and related SQL Server OLE DB components. The root cause enables remote code execution, with exploitation described as ...

7.8CVSS8.2AI score0.00722EPSS

CVE•added 2023/06/16 12:44 a.m.•491 views

CVE-2023-32025

CVE-2023-32025 concerns the Microsoft ODBC Driver for SQL Server. Connected sources indicate a remote code execution vulnerability in the ODBC driver, with exploitation described as requiring the attacker to lure the victim to connect to a rogue SQL server. The NCSC advisory confirms the issue wa...

7.8CVSS8.1AI score0.00603EPSS

CVE•added 2023/06/16 12:44 a.m.•467 views

CVE-2023-32026

The CVE-2023-32026 entry concerns the Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Public sources describe the vulnerable component as the ODBC Driver for SQL Server, with exploitation enabling remote code execution. The NCSC advisory clarifies that exploitation requi...

7.8CVSS8.1AI score0.00722EPSS

CVE•added 2023/06/16 12:44 a.m.•464 views

CVE-2023-29356

CVE-2023-29356 concerns a Remote Code Execution vulnerability in the Microsoft ODBC Driver for SQL Server. Affected component: Microsoft ODBC Driver for SQL Server. Underlying issue is exploited when a user connects to a rogue SQL server via ODBC; exploitation requires the attacker to lure the us...

7.8CVSS8.1AI score0.00603EPSS