43 matches found
CVE-2017-8516
The CVE-2017-8516 entry applies to Microsoft SQL Server Analysis Services across SQL Server 2012, 2014, and 2016, describing an information disclosure vulnerability caused by improper enforcement of permissions. The vulnerability is characterized by a CVSS v3.1 base score of 7.5 (HIGH) and CVSS v...
CVE-2023-23384
CVE-2023-23384 is described in the connected documents as a Microsoft SQL Server remote code execution vulnerability reachable over the network. Nessus plugin entries for April 2023 (SMB_NT_MS23_APR_MSSQL_REMOTE.NASL and SMB_NT_MS23_APR_MSSQL.NASL) confirm a remote code execution issue, with self...
CVE-2022-29143
CVE-2022-29143 describes a remote code execution vulnerability in Microsoft SQL Server where a specially crafted query against a table with a Column Store index can corrupt memory. Public details in the connected sources indicate exploitation could occur through authenticated access over network,...
CVE-2023-36785
Technical details about CVE-2023-36785 are not publicly provided in the supplied documents; monitor for updates from official advisories and vendor feeds.
CVE-2015-1762
CVE-2015-1762 affects Microsoft SQL Server 2008 SP3/SP4, 2008 R2 SP2/SP3, 2012 SP1/SP2, and 2014 when transactional replication is configured. Cause: uninitialized memory in an unspecified function call, allowing remote authenticated users to execute arbitrary code via crafted queries, demonstrat...
CVE-2023-21528
CVE-2023-21528 is a Microsoft SQL Server Remote Code Execution vulnerability. In SQL Server 2008 R2 SP3 GDR, updates described in KB5021112 fix CVE-2023-21528 (builds including SQLServer2008R2-KB5021112-x64.exe, version 10.50.6785.2). In SQL Server 2019, fixes are included in KB5021125 (build: SQ...
CVE-2023-21718
Technical details for CVE-2023-21718 are not provided in the supplied documents; no specific affected products, versions, impact, or fixes are listed here. Monitor for updates.
CVE-2023-36417
CVE-2023-36417 is a Remote Code Execution vulnerability affecting the Microsoft SQL Server OLE DB Driver. The Nessus entries and Microsoft advisories indicate an RCE in the SQL OLE DB component that can enable authentication bypass and arbitrary command execution. The issue has been addressed in ...
CVE-2022-23276
CVE-2022-23276 is a local privilege-escalation vulnerability affecting SQL Server 2019 on Linux container images . Connected sources confirm the issue resides in the Linux container deployment, not in SQL Server on bare metal/VM, and is specific to the container image lifecycle. The vulnerability...
CVE-2023-21704
CVE-2023-21704 is a vulnerability in the Microsoft ODBC Driver for SQL Server that enables remote code execution. Microsoft’s security update KB5021126 addresses CVE-2023-21704 as part of a CU/patch bundle, updating the ODBC driver component used by SQL Server connectivity. The documented impact ...
CVE-2023-36730
CVE-2023-36730 affects the Microsoft SQL Server ODBC Driver. The vulnerability is described as a Remote Code Execution issue in the ODBC Driver component; root cause details are not explicitly provided in the documents beyond the vulnerability family. Microsoft’s October 2023 security updates (KB...
CVE-2023-29349
CVE-2023-29349 concerns Microsoft ODBC and OLE DB components (SQL Server ODBC Driver and OLE DB Driver) enabling remote code execution. The vulnerability arises from improper handling in the ODBC/OLE DB stack, with an attack vector described as LOCAL and requiring user interaction, resulting in h...
CVE-2023-32027
CVE-2023-32027 is a vulnerability in the Microsoft ODBC Driver for SQL Server that enables remote code execution. Public sources describe exploitation that requires the attacker to lure the victim via a rogue SQL server, with the driver client on the affected workstation executing code. The vulne...
CVE-2023-36420
CVE-2023-36420 is an in-scope vulnerability affecting the Microsoft SQL Server ODBC Driver, described in connected sources as a Remote Code Execution vulnerability. Public details confirm the affected component is the ODBC Driver for SQL Server and that the issue is addressed by Microsoft securit...
CVE-2023-32028
CVE-2023-32028 – Microsoft SQL OLE DB Remote Code Execution Vulnerability affects the Microsoft OLE DB Driver for SQL Server (OLE DB Driver 19 for SQL Server, 18 for SQL Server) and related SQL Server OLE DB components. The root cause enables remote code execution, with exploitation described as ...
CVE-2023-32025
CVE-2023-32025 concerns the Microsoft ODBC Driver for SQL Server. Connected sources indicate a remote code execution vulnerability in the ODBC driver, with exploitation described as requiring the attacker to lure the victim to connect to a rogue SQL server. The NCSC advisory confirms the issue wa...
CVE-2023-32026
The CVE-2023-32026 entry concerns the Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Public sources describe the vulnerable component as the ODBC Driver for SQL Server, with exploitation enabling remote code execution. The NCSC advisory clarifies that exploitation requi...
CVE-2023-29356
CVE-2023-29356 concerns a Remote Code Execution vulnerability in the Microsoft ODBC Driver for SQL Server. Affected component: Microsoft ODBC Driver for SQL Server. Underlying issue is exploited when a user connects to a rogue SQL server via ODBC; exploitation requires the attacker to lure the us...
CVE-2002-1123
CVE-2002-1123 is a buffer overflow in the authentication function of Microsoft SQL Server 2000 and MSDE 2000 triggered by a long TCP 1433 request, enabling remote code execution. Public writeups and scanners (MS02-056, Metasploit/MSF module, OpenVAS checks) confirm the existence of the Hello Over...
CVE-2007-4814
CVE-2007-4814 affects the SQL Server Distributed Management Objects (DMO) ActiveX control sqldmo.dll. A buffer overflow in the Start method is triggered by a long argument, enabling remote code execution. Exploitation details are documented in SAINT references, with note that exploits exist for M...
CVE-2008-4110
The OpenVAS/OpenVAS-derived data (plus CVE-2008-4110 details) confirms a buffer overflow in the Microsoft SQL Server 2000 ActiveX control: sqlvdir.dll (SQLVDIRLib.SQLVDirControl) that is loaded from Tools\Binn\sqlvdir.dll. The vulnerability is triggered by a long URL passed as the second argument...
CVE-2002-0642
CVE-2002-0642 corresponds to an elevation-of-privilege issue in Microsoft SQL Server 2000 and MSDE 2000 caused by insecure permissions on the registry key that stores the SQL Server service account. The OpenVAS/SECURITYVULNS entries corroborate a privilege-escalation risk tied to the SQL Server s...
CVE-2002-0649
CVE-2002-0649 describes a remote buffer-overflow in the SQL Server Resolution Service of Microsoft SQL Server 2000 and MSDE (port 1434/UDP). The vulnerability is triggered by UDP packets beginning with 0x04 (long registry key name) or 0x08 (long string), which can cause a denial of service or arb...
CVE-2001-0542
CVE-2001-0542 describes buffer/format-string vulnerabilities in Microsoft SQL Server 7.0 and 2000. The issues affect the built-in formatting functions raiserror, formatmessage, and xp_sprintf, allowing an attacker with SQL Server access to execute arbitrary code or potentially cause a denial of s...
CVE-2002-0186
CVE-2002-0186 describes a buffer overflow in the Microsoft SQLXML ISAPI extension for SQL Server 2000. The flaw arises from inadequate validation of the contenttype parameter in SQLXML HTTP requests, allowing a remote attacker to trigger a crash or execute arbitrary code (the extension runs with ...
CVE-2000-0202
CVE-2000-0202 affects Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0. A malformed SELECT statement in an SQL query allows remote attackers to gain privileges. The connected OpenVAS entry corroborates multiple MSSQL vulnerabilities; however, exploitation details, affected versions b...
CVE-2002-0154
Microsoft SQL Server 7.0 and SQL Server 2000 contain buffer overflow vulnerabilities in multiple extended stored procedures. A remote attacker could exploit these to cause a denial of service or execute arbitrary code (potentially with the SQL Server service account privileges), and could even af...
CVE-2002-0056
CVE-2002-0056 concerns Microsoft SQL Server 7.0 and 2000, where a buffer overflow is triggered by a long OLE DB provider name used with OpenDataSource or OpenRowset in an ad hoc connection. The resulting issue can allow an attacker to execute arbitrary code with the SQL Server service account’s p...
CVE-2003-0230
CVE-2003-0230 affects Microsoft SQL Server 7, 2000, and MSDE. The vulnerability allows local users to gain privileges by hijacking a named pipe during authentication, due to a flaw in how named pipes are checked by SQL Server when a client authenticates via a named pipe. Impact is privilege eleva...
CVE-2002-0644
CVE-2002-0644 / CVE-2002-1137 describe a buffer overflow in the Database Consistency Checkers (DBCCs) of Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 . The vulnerability allows db_owner and db_ddladmin role members to execute arbitrary code due to overflow in DBCC input hand...
CVE-2002-0187
The CVE-2002-0187 entry corresponds to a cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000, where an attacker could inject script via the root parameter of an XML SQL query. Connected documents also describe a related overflow issue in the SQLXML ISAPI filter...
CVE-2002-1872
Consolidated details from multiple sources confirm CVE-2002-1872 affects Microsoft SQL Server 6.0 through 2000 when SQL Authentication is enabled. The underlying issue is weak password encryption using XOR, enabling remote attackers to sniff and decrypt passwords. Affected software: Microsoft SQL...
CVE-2002-1138
CVE-2002-1138 affects Microsoft SQL Server 7.0 and 2000, including MSDE 1.0 and MSDE 2000. The flaw is in Output File Handling for Scheduled Jobs: these components write output files for scheduled jobs under the SQL Server service account rather than the launching entity. This privilege mismatch ...
CVE-2002-0645
Technical details for CVE-2002-0645 are not publicly provided in the connected documents; the available sources reference the vulnerability at a high level. Monitor for updates from official advisories.
CVE-2002-0982
Microsoft SQL Server 2000 SP2 (when configured as a distributor) is exposed to an arbitrary code execution vulnerability through the @scriptfile parameter of the sp_MScopyscript stored procedure. The CVE-2002-0982 entry documents this as a high-severity issue (CVSS v2 base score 7.5) with network...
CVE-2003-0232
CVE-2003-0232 affects Microsoft SQL Server 7, 2000, and MSDE. The issue is a buffer overflow in a Local Procedure Call (LPC) port that can be triggered by a specially crafted request, allowing a local attacker to execute arbitrary code with the SQL Server service account’s privileges. The vulnera...
CVE-2002-0624
CVE-2002-0624 describes a buffer overflow in the pwdencrypt() password-encryption function in Microsoft SQL Server 2000 (including MSDE 2000) that can allow remote attackers to execute arbitrary code with the SQL Server service account when authenticating via SQL Server Authentication. Public sou...
CVE-2002-0859
CVE-2002-0859 describes a buffer overflow in the OpenDataSource function of the Jet engine used by Microsoft SQL Server 2000. The vulnerability permits remote attackers to execute arbitrary code, affecting the system via the Jet engine component. The available records indicate the issue arises fr...
CVE-2002-1137
CVE-2002-1137 describes a buffer overflow in the Database Console Command (DBCC) in Microsoft SQL Server 7.0 and 2000, including MSDE 1.0/MSDE 2000. The vulnerability stems from handling of user input, allowing an attacker to execute arbitrary code via a long SourceDB argument in a non-SQL OLEDB ...
CVE-2002-0641
The CVE-2002-0641 issue affects Microsoft SQL Server 2000 and MSDE 2000, where a buffer overflow in the BULK INSERT procedure can be triggered by a file name that is too long. Exploitation requires Bulk Admin or Administrator privileges and can allow execution of arbitrary code with system/high p...
CVE-2001-0344
CVE-2001-0344 describes a privilege-escalation vulnerability in Microsoft SQL Server 2000 Gold and SQL Server 7.0 when running in Mixed Mode. An attacker with local database access could exploit reusing a cached sa administrator connection to gain privileges. The Initial Description states the vu...
CVE-1999-1556
CVE-1999-1556 affects Microsoft SQL Server 6.5. The issue arises from weak encryption of the password for the SQLExecutiveCmdExec account and storing it in an accessible portion of the registry, enabling local users to read and decrypt the CmdExecAccount value and potentially gain privileges. The...
CVE-2000-0199
CVE-2000-0199 affects Microsoft SQL Server 7.0 via Enterprise Manager when the “Always prompt for login name and password” option is not set; the login credentials are stored with weak encryption. The connected Nessus entry also describes a potential local privilege escalation by authenticated us...