Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
data engine vulnerabilities and exploits
(subscribe to this query)
465
VMScore
CVE-2000-1085
The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user to cau...
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
1 EDB exploit
409
VMScore
CVE-2000-1086
The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user ...
Microsoft Sql Server 7.0
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
Microsoft Sql Server 2000
465
VMScore
CVE-2000-1081
The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user to c...
Microsoft Sql Server 7.0
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
Microsoft Sql Server 2000
1 EDB exploit
409
VMScore
CVE-2000-1082
The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user to caus...
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
215
VMScore
CVE-2000-1083
The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user to cause a d...
Microsoft Data Engine 2000
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
Microsoft Data Engine 1.0
1 EDB exploit
409
VMScore
CVE-2000-1084
The xp_updatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user to cause...
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
409
VMScore
CVE-2000-1087
The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user ...
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
409
VMScore
CVE-2000-1088
The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user t...
Microsoft Data Engine 2000
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
Microsoft Data Engine 1.0
668
VMScore
CVE-2002-1137
Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows malicious users to execute arbitrary code via a long SourceDB argument...
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
Microsoft Sql Server 7.0
Microsoft Sql Server 2000
890
VMScore
CVE-2002-1145
The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop Engine (MSDE) 2000 can be executed by PUBLIC, which allows an malicious user to gain privileges by updating a webtask that i...
Microsoft Sql Server 7.0
Microsoft Sql Server 2000
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »