Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-21704
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Microsoft Sql Server 2014
Microsoft Sql Server 2017
Microsoft Sql Server 2019
Microsoft Sql Server 2016
Microsoft Sql Server 2022
NA
CVE-2006-4731
Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger prior to 2.6.19 and (b) LedgerSMB prior to 1.0.0p1 allow remote malicious users to execute arbitrary Perl code via an unspecified terminal parameter value containing ../ (dot dot slash...
Dws Systems Inc. Sql-ledger 2.6.14
Dws Systems Inc. Sql-ledger 2.4.10
Dws Systems Inc. Sql-ledger 2.4.7
Dws Systems Inc. Sql-ledger 2.2.3
Dws Systems Inc. Sql-ledger 2.6.12
Dws Systems Inc. Sql-ledger 2.2.5
Dws Systems Inc. Sql-ledger 2.4.6
Dws Systems Inc. Sql-ledger 2.6.15
Dws Systems Inc. Sql-ledger 2.6.6
Dws Systems Inc. Sql-ledger 2.6.3
Dws Systems Inc. Sql-ledger 2.4.12
Dws Systems Inc. Sql-ledger 2.6.13
Dws Systems Inc. Sql-ledger 2.4.14
Dws Systems Inc. Sql-ledger 2.6.1
Dws Systems Inc. Sql-ledger 2.6.16
Dws Systems Inc. Sql-ledger 2.2.0
Dws Systems Inc. Sql-ledger 2.6.11
Dws Systems Inc. Sql-ledger 2.2.6
Dws Systems Inc. Sql-ledger 2.4.13
Dws Systems Inc. Sql-ledger 2.4.5
Dws Systems Inc. Sql-ledger 2.4.11
Dws Systems Inc. Sql-ledger 2.6.18
1 EDB exploit
NA
CVE-2013-2322
HP SQL/MX 3.2 and previous versions on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to obtain sensitive information via unspecified vectors, aka the "SQL/MP index" issue.
Hp Nonstop Sql\\/mx 2.3
Hp Nonstop Sql\\/mx 21
Hp Nonstop Sql\\/mx
Hp Nonstop Sql\\/mx 3.1
Hp Nonstop Sql\\/mx 2.0
Hp Nonstop Sql\\/mx 1.8
Hp Nonstop Sql\\/mx 3.0
Hp Nonstop Sql\\/mx 2.2
5.5
CVSSv3
CVE-2023-36728
Microsoft SQL Server Denial of Service Vulnerability
Microsoft Sql Server 2014
Microsoft Sql Server 2017
Microsoft Sql Server 2019
Microsoft Sql Server 2016
Microsoft Sql Server 2022
Microsoft Odbc Driver For Sql Server
Microsoft Ole Db Driver For Sql Server
NA
CVE-2015-7876
The escapeLike function in sqlsrv/database.inc in the Drupal 7 driver for SQL Server and SQL Azure 7.x-1.x prior to 7.x-1.4 does not properly escape certain characters, which allows remote malicious users to execute arbitrary SQL commands via vectors involving a module using the ...
Drupal 7 Driver For Sql Server And Sql Azure Project Drupal 7 Driver For Sql Server And Sql Azure 7.x-1.0
Drupal 7 Driver For Sql Server And Sql Azure Project Drupal 7 Driver For Sql Server And Sql Azure 7.x-1.1
Drupal 7 Driver For Sql Server And Sql Azure Project Drupal 7 Driver For Sql Server And Sql Azure 7.x-1.2
Drupal 7 Driver For Sql Server And Sql Azure Project Drupal 7 Driver For Sql Server And Sql Azure 7.x-1.3
2.8
CVSSv3
CVE-2020-14740
Vulnerability in the SQL Developer Install component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Client Computer User Account privilege with logon ...
Oracle Sql Developer 11.2.0.4
Oracle Sql Developer 12.1.0.2
Oracle Sql Developer 12.2.0.1
Oracle Sql Developer 18c
7.5
CVSSv3
CVE-2002-1872
Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote malicious users to sniff and decrypt the password.
Microsoft Sql Server 7.0
Microsoft Sql Server 2000
Microsoft Sql Server 6.0
Microsoft Sql Server 6.5
1 Github repository
7.5
CVSSv3
CVE-2022-29143
Microsoft SQL Server Remote Code Execution Vulnerability
Microsoft Sql Server 2014
Microsoft Sql Server 2016
Microsoft Sql Server 2017
Microsoft Sql Server 2019
NA
CVE-2007-5372
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 up to and including 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote malicious users to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
Dws Systems Inc. Sql-ledger 2.2.7
Dws Systems Inc. Sql-ledger 2.4.0
Dws Systems Inc. Sql-ledger 2.4.15
Dws Systems Inc. Sql-ledger 2.4.16
Dws Systems Inc. Sql-ledger 2.4.8
Dws Systems Inc. Sql-ledger 2.4.9
Dws Systems Inc. Sql-ledger 2.6.16
Dws Systems Inc. Sql-ledger 2.6.17
Dws Systems Inc. Sql-ledger 2.6.6
Dws Systems Inc. Sql-ledger 2.6.7
Ledgersmb Ledgersmb 1.1.8
Ledgersmb Ledgersmb 1.2.0
Dws Systems Inc. Sql-ledger 2.2.0
Dws Systems Inc. Sql-ledger 2.2.1
Dws Systems Inc. Sql-ledger 2.4.1
Dws Systems Inc. Sql-ledger 2.4.10
Dws Systems Inc. Sql-ledger 2.4.2
Dws Systems Inc. Sql-ledger 2.4.3
Dws Systems Inc. Sql-ledger 2.6.1
Dws Systems Inc. Sql-ledger 2.6.10
Dws Systems Inc. Sql-ledger 2.6.18
Dws Systems Inc. Sql-ledger 2.6.2
8.1
CVSSv3
CVE-2016-2346
Allround Automations PL/SQL Developer 11 prior to 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle malicious users to execute arbitrary code by modifying fields in the client-server data stream.
Allroundautomations Pl\\/sql Developer 11.0.5
Allroundautomations Pl\\/sql Developer 11.0.3
Allroundautomations Pl\\/sql Developer 11.0.2
Allroundautomations Pl\\/sql Developer 11.0.1
Allroundautomations Pl\\/sql Developer 11.0
Allroundautomations Pl\\/sql Developer 11.0.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »