Vulmon
SQL Server vulnerabilities and exploits
4
CVSSv2
CVE-2019-0819
An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions, aka 'Microsoft SQL Server Analysis Services Information Disclosure Vulnerability'.
Microsoft Sql Server 2017
1 Article
7.2
CVSSv2
CVE-2000-0199
When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password.
Microsoft Sql Server 7.0
7.5
CVSSv2
CVE-2007-4814
Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote malicious users to execute arbitrary code via a long second argument to the Start method...
Microsoft Sql Server 2005
2 EDB exploits
7.5
CVSSv2
CVE-2002-0186
Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server 2000 allows remote malicious users to execute arbitrary code via data queries with a long content-type parameter, aka "Unchecked Buffer in SQLXML ISAPI Extension."
Microsoft Sql Server 2000
1 EDB exploit
7.5
CVSSv2
CVE-2002-0187
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows a malicious user to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."
Microsoft Sql Server 2000
1 EDB exploit
5
CVSSv2
CVE-2004-1560
Microsoft SQL Server 7.0 allows remote malicious users to cause a denial of service (mssqlserver service halt) via a long request to TCP port 1433, possibly triggering a buffer overflow.
Microsoft Sql Server 7.0
1 EDB exploit
4.3
CVSSv2
CVE-1999-0999
Microsoft SQL 7.0 server allows a remote malicious user to cause a denial of service via a malformed TDS packet.
Microsoft Sql Server 7.0
1 EDB exploit
2.1
CVSSv2
CVE-2000-0402
The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability.
Microsoft Sql Server 7.0
2 EDB exploits
5
CVSSv2
CVE-2002-0650
The keep-alive mechanism for Microsoft SQL Server 2000 allows remote malicious users to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system, which ca...
Microsoft Sql Server 2000
7.6
CVSSv2
CVE-2008-4110
Buffer overflow in the SQLVDIRLib.SQLVDirControl ActiveX control in Tools\Binn\sqlvdir.dll in Microsoft SQL Server 2000 (aka SQL Server 8.0) allows remote malicious users to cause a denial of service (browser crash) or possibly execute arbitrary code via a long URL in the second ...
Microsoft Sql Server 2000