Sql Server Security Vulnerabilities and Issues — Sql Server CVE List

Lucene search

MicrosoftSql Server

8 matches found

CVE•added 2025/07/08 5:15 p.m.•43 views

CVE-2025-49719

Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network.

7.5CVSS6.7AI score0.00305EPSS

CVE•added 2025/07/08 5:15 p.m.•40 views

CVE-2025-49717

Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.

8.5CVSS7.8AI score0.00084EPSS

CVE•added 2025/07/08 5:15 p.m.•26 views

CVE-2025-49718

Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.

7.5CVSS6.7AI score0.01078EPSS

CVE•added 2025/08/12 6:15 p.m.•22 views

CVE-2025-24999

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.

8.8CVSS7.7AI score0.00071EPSS

CVE•added 2025/08/12 6:15 p.m.•18 views

CVE-2025-49758

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.

8.8CVSS7.8AI score0.00071EPSS

CVE•added 2025/08/12 6:15 p.m.•16 views

CVE-2025-49759

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.

8.8CVSS7.8AI score0.00085EPSS

CVE•added 2025/08/12 6:15 p.m.•15 views

CVE-2025-53727

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.

8.8CVSS7.8AI score0.00085EPSS

CVE•added 2025/08/12 6:15 p.m.•13 views

CVE-2025-47954

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.

8.8CVSS7.8AI score0.00085EPSS