Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-32028
Microsoft SQL OLE DB Remote Code Execution Vulnerability
Microsoft Sql Server 2019
Microsoft Sql Server 2022
Microsoft Ole Db Driver For Sql Server
NA
CVE-2013-2323
HP SQL/MX 3.0 up to and including 3.2 on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to bypass intended access restrictions and modify data via unspecified vectors, aka the "SQL/MP tables" issue.
Hp Nonstop Sql\\/mx 3.1
Hp Nonstop Sql\\/mx 3.2
Hp Nonstop Sql\\/mx 3.0
7.8
CVSSv3
CVE-2023-36417
Microsoft SQL OLE DB Remote Code Execution Vulnerability
Microsoft Sql Server 2019
Microsoft Sql Server 2022
Microsoft Ole Db Driver For Sql Server
NA
CVE-2008-1870
SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Geek247 Pigmy-sql
Geek247 Pigmy-sql 1.4
1 EDB exploit
NA
CVE-2007-1329
Directory traversal vulnerability in SQL-Ledger, and LedgerSMB prior to 1.1.5, allows remote malicious users to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blackli...
Sql-ledger Sql-ledger 2.6.25
Ledgersmb Ledgersmb
9.8
CVSSv3
CVE-2018-8273
A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka "Microsoft SQL Server Remote Code Execution Vulnerability." This affects Microsoft SQL Server.
Microsoft Sql Server 2016
Microsoft Sql Server 2017
1 Article
7.2
CVSSv3
CVE-2017-3486
Vulnerability in the SQL*Plus component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where SQL*Plus execu...
Oracle Sql Plus 12.1.0.2
Oracle Sql Plus 11.2.0.4
8.8
CVSSv3
CVE-2016-7250
Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."
Microsoft Sql Server 2014
Microsoft Sql Server 2016
8.8
CVSSv3
CVE-2016-7253
The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Server Agent Elevation of Privilege Vulnerability.&quo...
Microsoft Sql Server 2012
Microsoft Sql Server 2014
NA
CVE-2000-0485
Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability.
Microsoft Sql Server 6.5
Microsoft Sql Server 7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »