Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

sql server management studio vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2018-8527
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Serv...
Microsoft Sql Server Management Studio 17.9Microsoft Sql Server Management Studio 18.0
4.3
CVSSv2
CVE-2018-8532
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XMLA file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Ser...
Microsoft Sql Server Management Studio 18.0Microsoft Sql Server Management Studio 17.9
4.3
CVSSv2
CVE-2018-8533
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing malicious XML content containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Ser...
Microsoft Sql Server Management Studio 18.0Microsoft Sql Server Management Studio 17.9
4
CVSSv2
CVE-2019-1313
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1376.
Microsoft Sql Server Management Studio 18.3Microsoft Sql Server Management Studio 18.3.1
2.1
CVSSv2
CVE-2020-1455
A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. An attacker could exploit the vulnerability to trigger a denial of service. To exploit the vulnerability, an attacker would first require execution on the victim ...
Microsoft Sql Server Management Studio
4
CVSSv2
CVE-2019-1376
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1313.
Microsoft Sql Server Management Studio 18.3.1
4.3
CVSSv2
CVE-2011-1280
The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express (SSMSE) 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote malicio...
Microsoft Sql Server 2005Microsoft Sql Server 2008Microsoft Sql Server Management Studio Express 2005Microsoft Visual Studio 2005Microsoft Visual Studio 2008Microsoft Office Infopath 2010Microsoft Office Infopath 2007Microsoft Visual Studio 2010
5
CVSSv2
CVE-2020-13956
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
Apache HttpclientQuarkus QuarkusOracle Primavera Unifier 16.2Oracle Primavera Unifier 16.1Oracle Peoplesoft Enterprise Peopletools 8.57Oracle Primavera Unifier 18.8Oracle Data Integrator 12.2.1.3.0Oracle Primavera UnifierOracle Peoplesoft Enterprise Peopletools 8.58Oracle Primavera Unifier 19.12Oracle Data Integrator 12.2.1.4.0Oracle Primavera Unifier 20.12Oracle Peoplesoft Enterprise Pt Peopletools 8.57Oracle Nosql DatabaseOracle Peoplesoft Enterprise Pt Peopletools 8.59Oracle Peoplesoft Enterprise Pt Peopletools 8.58Oracle Retail Customer Management And Segmentation FoundationOracle Sql DeveloperOracle Spatial StudioOracle Jd Edwards Enterpriseone ToolsOracle Jd Edwards Enterpriseone OrchestratorNetapp Snapcenter -
4.3
CVSSv2
CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...
Apache Log4jNetapp Cloud Manager -Debian Debian Linux 10.0Debian Debian Linux 11.0Sonicwall Network Security ManagerSonicwall Email SecuritySonicwall Web Application FirewallSonicwall 6bk1602-0aa12-0tp0 FirmwareSonicwall 6bk1602-0aa22-0tp0 FirmwareSonicwall 6bk1602-0aa32-0tp0 FirmwareSonicwall 6bk1602-0aa42-0tp0 FirmwareSonicwall 6bk1602-0aa52-0tp0 FirmwareOracle E-business Suite 12.2Oracle Retail Back Office 14.1Oracle Weblogic Server 12.2.1.3.0Oracle Webcenter Portal 12.2.1.3.0Oracle Webcenter Sites 12.2.1.3.0Oracle Managed File Transfer 12.2.1.3.0Oracle Retail Order Broker 16.0Oracle Retail Integration Bus 14.1.3Oracle Retail Returns Management 14.1Oracle Retail Central Office 14.1
NA
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1Tukaani Xz 5.6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook