Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql server 2017 vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2017-15365
sql/event_data_objects.cc in MariaDB prior to 10.1.30 and 10.2.x prior to 10.2.10 and Percona XtraDB Cluster prior to 5.6.37-26.21-3 and 5.7.x prior to 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data defin...
Fedoraproject Fedora 26
Mariadb Mariadb
Percona Xtradb Cluster
578
VMScore
CVE-2017-7717
SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504.
Sap Netweaver Application Server Java 7.40
578
VMScore
CVE-2017-5585
OpenText Documentum Content Server (formerly EMC Documentum Content Server) 7.3, when PostgreSQL Database is used and return_top_results_row_based config option is false, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attack...
Opentext Documentum Content Server 7.3
578
VMScore
CVE-2017-5570
An issue exists in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the messageJson.jsp, which can only be exploited by authenticated users via an HTTP POST request and which can be used to dump database data out to a malicious server, using an out...
Eclinicalworks Patient Portal 7.0
534
VMScore
CVE-2022-29143
Microsoft SQL Server Remote Code Execution Vulnerability
Microsoft Sql Server 2014
Microsoft Sql Server 2016
Microsoft Sql Server 2017
Microsoft Sql Server 2019
490
VMScore
CVE-2017-14807
An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification ...
Suse Studio Onsite 1.3
Suse Susestudio-ui-server
490
VMScore
CVE-2019-1824
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote malicious user to execute arbitrary SQL queries. This vulnerability exist because the software improp...
Cisco Evolved Programmable Network Manager
Cisco Prime Infrastructure
490
VMScore
CVE-2019-1825
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote malicious user to execute arbitrary SQL queries. This vulnerability exist because the software improp...
Cisco Prime Infrastructure
Cisco Network Level Service 3.0\\(0.0.83b\\)
Cisco Evolved Programmable Network Manager
481
VMScore
CVE-2017-1183
IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) malicious user to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494.
Ibm Tivoli Monitoring 6.2.3.5
Ibm Tivoli Monitoring 6.3.0.7
Ibm Tivoli Monitoring 6.2.2.9
446
VMScore
CVE-2017-9066
In WordPress prior to 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.
Wordpress Wordpress
Debian Debian Linux 9.0
Debian Debian Linux 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »