236 matches found
CVE-2024-28937
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-37334
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29045
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28933
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28914
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28936
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28941
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28915
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2014-4061
Microsoft SQL Server 2008 SP3, 2008 R2 SP2, and 2012 SP1 does not properly control use of stack memory for processing of T-SQL batch commands, which allows remote authenticated users to cause a denial of service (daemon hang) via a crafted T-SQL statement, aka "Microsoft SQL Server Stack Overrun Vu...
CVE-2024-28913
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2016-7254
Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."
CVE-2024-29984
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28944
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28940
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29044
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28934
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28926
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29043
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-26186
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
CVE-2024-28908
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28939
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28909
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28927
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28938
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29982
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28932
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29046
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28935
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28942
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28910
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-28912
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-20701
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-21303
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-28945
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2024-29047
Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
CVE-2011-1280
The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express (SSMSE) 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrar...
CVE-2002-1123
Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow.
CVE-2024-37336
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-38087
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2008-5416
Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2...
CVE-2009-2528
GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."
CVE-2024-37331
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37323
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2024-37332
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2009-2500
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office ...
CVE-2009-3126
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office ...
CVE-2024-49021
Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2002-0643
The installation of Microsoft Data Engine 1.0 (MSDE 1.0), and Microsoft SQL Server 2000 creates setup.iss files with insecure permissions and does not delete them after installation, which allows local users to obtain sensitive data, including weakly encrypted passwords, to gain privileges, aka "SQ...
CVE-2024-37330
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
CVE-2007-5348
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 20...