Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-32028
Microsoft SQL OLE DB Remote Code Execution Vulnerability
Microsoft Sql Server 2019
Microsoft Sql Server 2022
Microsoft Ole Db Driver For Sql Server
7.8
CVSSv3
CVE-2023-36417
Microsoft SQL OLE DB Remote Code Execution Vulnerability
Microsoft Sql Server 2019
Microsoft Sql Server 2022
Microsoft Ole Db Driver For Sql Server
NA
CVE-2013-2323
HP SQL/MX 3.0 up to and including 3.2 on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to bypass intended access restrictions and modify data via unspecified vectors, aka the "SQL/MP tables" issue.
Hp Nonstop Sql\\/mx 3.1
Hp Nonstop Sql\\/mx 3.2
Hp Nonstop Sql\\/mx 3.0
NA
CVE-2008-1870
SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Geek247 Pigmy-sql
Geek247 Pigmy-sql 1.4
1 EDB exploit
NA
CVE-2007-1329
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB prior to 1.1.5, allows remote malicious users to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blackli...
Sql-ledger Sql-ledger 2.6.25
Ledgersmb Ledgersmb
NA
CVE-2001-0542
Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified ...
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
NA
CVE-2002-0056
Buffer overflow in SQL Server 7.0 and 2000 allows remote malicious users to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
NA
CVE-2014-1820
Cross-site scripting (XSS) vulnerability in Master Data Services (MDS) in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "SQL Master Data Services XSS Vulnerability."
Microsoft Sql Server 2012
Microsoft Sql Server 2014
7.2
CVSSv3
CVE-2017-3486
Vulnerability in the SQL*Plus component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where SQL*Plus execu...
Oracle Sql Plus 12.1.0.2
Oracle Sql Plus 11.2.0.4
NA
CVE-2015-2819
SAP Sybase SQL Anywhere 11 and 16 allows remote malicious users to cause a denial of service (crash) via a crafted request, aka SAP Security Note 2108161.
Sap Sql Anywhere 11.0
Sap Sql Anywhere 16.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »