Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-32028
Microsoft SQL OLE DB Remote Code Execution Vulnerability
Microsoft Sql Server 2019
Microsoft Sql Server 2022
Microsoft Ole Db Driver For Sql Server
6
CVSSv2
CVE-2013-2323
HP SQL/MX 3.0 up to and including 3.2 on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to bypass intended access restrictions and modify data via unspecified vectors, aka the "SQL/MP tables" issue.
Hp Nonstop Sql\\/mx 3.1
Hp Nonstop Sql\\/mx 3.2
Hp Nonstop Sql\\/mx 3.0
NA
CVE-2023-36417
Microsoft SQL OLE DB Remote Code Execution Vulnerability
Microsoft Sql Server 2019
Microsoft Sql Server 2022
Microsoft Ole Db Driver For Sql Server
7.5
CVSSv2
CVE-2008-1870
SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Geek247 Pigmy-sql
Geek247 Pigmy-sql 1.4
1 EDB exploit
10
CVSSv2
CVE-2007-1329
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB prior to 1.1.5, allows remote malicious users to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blackli...
Sql-ledger Sql-ledger 2.6.25
Ledgersmb Ledgersmb
10
CVSSv2
CVE-2018-8273
A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka "Microsoft SQL Server Remote Code Execution Vulnerability." This affects Microsoft SQL Server.
Microsoft Sql Server 2016
Microsoft Sql Server 2017
1 Article
3.7
CVSSv2
CVE-2017-3486
Vulnerability in the SQL*Plus component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where SQL*Plus execu...
Oracle Sql Plus 12.1.0.2
Oracle Sql Plus 11.2.0.4
6.5
CVSSv2
CVE-2016-7250
Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."
Microsoft Sql Server 2014
Microsoft Sql Server 2016
6.5
CVSSv2
CVE-2016-7253
The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Server Agent Elevation of Privilege Vulnerability.&quo...
Microsoft Sql Server 2012
Microsoft Sql Server 2014
2.1
CVSSv2
CVE-2000-0485
Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability.
Microsoft Sql Server 6.5
Microsoft Sql Server 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »