Lucene search
K
MicrosoftSql Server

5 matches found

CVE
CVE
added 2019/05/16 6:17 p.m.986 views

CVE-2019-0819

CVE-2019-0819 is an information-disclosure vulnerability in Microsoft SQL Server Analysis Services where metadata permissions are not enforced correctly. Exploitation requires credentials to access an affected Analysis Services database, potentially leaking restricted data due to flaws in Object-...

6.5CVSS6.1AI score0.05373EPSS
CVE
CVE
added 2015/07/14 11:0 p.m.430 views

CVE-2015-1761

CVE-2015-1761 relates to Microsoft SQL Server across multiple versions (2008 SP3/SP4, 2008 R2 SP2/SP3, 2012 SP1/SP2, 2014) where an incorrect class during casts of unspecified pointers allows remote authenticated users to gain privileges via certain write access. The root cause is described as a ...

6.5CVSS7.1AI score0.185EPSS
CVE
CVE
added 2016/11/10 6:16 a.m.374 views

CVE-2016-7252

CVE-2016-7252 is tied to Microsoft SQL Server 2016 Analysis Services Information Disclosure via improper FILESTREAM path handling. The vulnerability allows an authenticated, remote attacker to disclose sensitive data by abusing the FILESTREAM path validation vulnerability (root cause: improper va...

6.5CVSS7.2AI score0.17568EPSS
CVE
CVE
added 2016/11/10 6:16 a.m.278 views

CVE-2016-7251

CVE-2016-7251 is a cross-site scripting (XSS) vulnerability in the Microsoft SQL Server 2016 Master Data Services (MDS) API. The issue arises from improper validation of a request parameter on the SQL Server MDS site, which could allow an attacker to inject client-side script or HTML. The vulnera...

6.1CVSS6.6AI score0.0819EPSS
CVE
CVE
added 2014/08/12 9:0 p.m.231 views

CVE-2014-4061

CVE-2014-4061 affects Microsoft SQL Server 2008 SP3, SQL Server 2008 R2 SP2, and SQL Server 2012 SP1. The root cause is improper control of stack memory when processing T-SQL batch commands, enabling remote authenticated users to cause a denial of service (daemon hang). Connected sources align on...

6.8CVSS6.6AI score0.26499EPSS