Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
data engine vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1145
The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop Engine (MSDE) 2000 can be executed by PUBLIC, which allows an malicious user to gain privileges by updating a webtask that i...
Microsoft Sql Server 7.0
Microsoft Sql Server 2000
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
NA
CVE-2002-0721
Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execre...
Microsoft Sql Server 2000
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
Microsoft Sql Server 7.0
1 EDB exploit
NA
CVE-2000-0202
Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote malicious users to gain privileges via a malformed Select statement in an SQL query.
Microsoft Data Engine 1.0
Microsoft Sql Server 7.0
NA
CVE-2002-0644
Buffer overflow in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows members of the db_owner and db_ddladmin roles to execute arbitrary code.
Microsoft Data Engine 2000
Microsoft Sql Server 2000
1 EDB exploit
NA
CVE-2002-0645
SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands.
Microsoft Data Engine 2000
Microsoft Sql Server 2000
NA
CVE-2002-0649
Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote malicious users to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL...
Microsoft Data Engine 2000
Microsoft Sql Server 2000
2 EDB exploits
NA
CVE-2002-2118
Buffer overflow in Blue World Lasso Web Data Engine 3.6.5 allows remote malicious users to cause a denial of service via a long URL.
Blue World Communications Lasso Web Data Engine 3.6.5
NA
CVE-2002-1123
Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote malicious users to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow.
Microsoft Sql Server 2000
Microsoft Data Engine 2000
2 EDB exploits
NA
CVE-2002-0643
The installation of Microsoft Data Engine 1.0 (MSDE 1.0), and Microsoft SQL Server 2000 creates setup.iss files with insecure permissions and does not delete them after installation, which allows local users to obtain sensitive data, including weakly encrypted passwords, to gain ...
Microsoft Sql Server 7.0
Microsoft Data Engine 1.0
Microsoft Sql Server 2000
NA
CVE-2003-0230
Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
Microsoft Data Engine 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »