Search Results (267 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-7254 1 Microsoft 1 Sql Server 2025-04-12 N/A
Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."
CVE-2016-7249 1 Microsoft 1 Sql Server 2025-04-12 N/A
Microsoft SQL Server 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."
CVE-2016-7250 1 Microsoft 1 Sql Server 2025-04-12 N/A
Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."
CVE-2016-7251 1 Microsoft 1 Sql Server 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft SQL Server 2016 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "MDS API XSS Vulnerability."
CVE-2016-7253 1 Microsoft 1 Sql Server 2025-04-12 N/A
The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Server Agent Elevation of Privilege Vulnerability."
CVE-2012-4015 2 Microsoft, Mylittletools 2 Sql Server, Mylittleadmin 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry.
CVE-2012-2552 1 Microsoft 2 Sql Server, Sql Server Reporting Services 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "Reflected XSS Vulnerability."
CVE-2011-1280 1 Microsoft 4 Office Infopath, Sql Server, Sql Server Management Studio Express and 1 more 2025-04-11 N/A
The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express (SSMSE) 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrary files via a crafted .disco (Web Service Discovery) file, aka "XML External Entities Resolution Vulnerability."
CVE-2023-21718 1 Microsoft 1 Sql Server 2025-02-28 7.8 High
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-29356 1 Microsoft 2 Odbc Driver For Sql Server, Sql Server 2025-02-28 7.8 High
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-32025 1 Microsoft 2 Odbc Driver For Sql Server, Sql Server 2025-02-28 7.8 High
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-32026 1 Microsoft 2 Odbc Driver For Sql Server, Sql Server 2025-02-28 7.8 High
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-32027 1 Microsoft 2 Odbc Driver For Sql Server, Sql Server 2025-02-28 7.8 High
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-29349 1 Microsoft 3 Odbc Driver For Sql Server, Ole Db Driver For Sql Server, Sql Server 2025-02-28 7.8 High
Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
CVE-2023-38169 1 Microsoft 3 Odbc Driver For Sql Server, Ole Db Driver For Sql Server, Sql Server 2025-02-27 8.8 High
Microsoft SQL OLE DB Remote Code Execution Vulnerability
CVE-2024-37965 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-01-29 8.8 High
Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2023-23384 1 Microsoft 1 Sql Server 2025-01-23 7.3 High
Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2024-37966 1 Microsoft 4 Sql Server, Sql Server 2017, Sql Server 2019 and 1 more 2025-01-15 7.1 High
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
CVE-2024-37980 1 Microsoft 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more 2025-01-07 8.8 High
Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2024-43474 1 Microsoft 3 Sql Server, Sql Server 2017, Sql Server 2019 2025-01-07 7.6 High
Microsoft SQL Server Information Disclosure Vulnerability