Show filters
16 Total Results
Displaying 1-10 of 16
Sort by:
Attacker Value
Moderate

CVE-2021-1636

Disclosure Date: January 12, 2021 (last updated February 22, 2025)
Microsoft SQL Elevation of Privilege Vulnerability
6
1
Attacker Value
High

CVE-2020-0618

Disclosure Date: February 11, 2020 (last updated February 21, 2025)
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
2
Attacker Value
Unknown

CVE-2023-21705

Disclosure Date: February 14, 2023 (last updated January 11, 2025)
Microsoft SQL Server Remote Code Execution Vulnerability
Attack Vector: NetworkPrivileges: LowUser Interaction: None
1
0
Attacker Value
Unknown

CVE-2014-1820

Disclosure Date: August 12, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Master Data Services (MDS) in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "SQL Master Data Services XSS Vulnerability."
1
0
Attacker Value
Unknown

CVE-2023-23384

Disclosure Date: April 11, 2023 (last updated December 14, 2023)
Microsoft SQL Server Remote Code Execution Vulnerability
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-21718

Disclosure Date: February 14, 2023 (last updated January 11, 2025)
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-21713

Disclosure Date: February 14, 2023 (last updated January 11, 2025)
Microsoft SQL Server Remote Code Execution Vulnerability
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-21528

Disclosure Date: February 14, 2023 (last updated January 11, 2025)
Microsoft SQL Server Remote Code Execution Vulnerability
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2017-8516

Disclosure Date: August 08, 2017 (last updated November 26, 2024)
Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly enforces permissions, aka "Microsoft SQL Server Analysis Services Information Disclosure Vulnerability".
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2016-7254

Disclosure Date: November 10, 2016 (last updated November 25, 2024)
Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."
0
0
View More Topics  Next >