Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql server 2017 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2017-7221
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dm_bp_transition docbase method with a user-created ...
Opentext Documentum Content Server -
1 EDB exploit
6.5
CVSSv2
CVE-2017-7717
SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504.
Sap Netweaver Application Server Java 7.40
6.5
CVSSv2
CVE-2017-5585
OpenText Documentum Content Server (formerly EMC Documentum Content Server) 7.3, when PostgreSQL Database is used and return_top_results_row_based config option is false, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attack...
Opentext Documentum Content Server 7.3
6.5
CVSSv2
CVE-2017-5570
An issue exists in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the messageJson.jsp, which can only be exploited by authenticated users via an HTTP POST request and which can be used to dump database data out to a malicious server, using an out...
Eclinicalworks Patient Portal 7.0
6
CVSSv2
CVE-2022-29143
Microsoft SQL Server Remote Code Execution Vulnerability
Microsoft Sql Server 2014
Microsoft Sql Server 2016
Microsoft Sql Server 2017
Microsoft Sql Server 2019
5.5
CVSSv2
CVE-2017-14807
An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification ...
Suse Studio Onsite 1.3
Suse Susestudio-ui-server
5.5
CVSSv2
CVE-2019-1824
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote malicious user to execute arbitrary SQL queries. This vulnerability exist because the software improp...
Cisco Evolved Programmable Network Manager
Cisco Prime Infrastructure
5.5
CVSSv2
CVE-2019-1825
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote malicious user to execute arbitrary SQL queries. This vulnerability exist because the software improp...
Cisco Prime Infrastructure
Cisco Network Level Service 3.0\\(0.0.83b\\)
Cisco Evolved Programmable Network Manager
5.4
CVSSv2
CVE-2017-1183
IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) malicious user to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494.
Ibm Tivoli Monitoring 6.2.3.5
Ibm Tivoli Monitoring 6.3.0.7
Ibm Tivoli Monitoring 6.2.2.9
5
CVSSv2
CVE-2017-8516
Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly enforces permissions, aka "Microsoft SQL Server Analysis Services Information Discl...
Microsoft Sql Server 2016
Microsoft Sql Server 2012
Microsoft Sql Server 2014
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »