CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-23384 – Microsoft SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-23384
11 Apr 2023 — Microsoft SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23384 • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-21713 – Microsoft SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21713
14 Feb 2023 — Microsoft SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21713 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-21718 – Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21718
14 Feb 2023 — Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21718 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-21705 – Microsoft SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21705
14 Feb 2023 — Microsoft SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21705 • CWE-321: Use of Hard-coded Cryptographic Key •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-21528 – Microsoft SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21528
14 Feb 2023 — Microsoft SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21528 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 1CVE-2021-1636 – Microsoft SQL Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1636
12 Jan 2021 — Microsoft SQL Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Microsoft SQL • https://github.com/Nate0634034090/bug-free-memory • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 94%CPEs: 3EXPL: 9CVE-2020-0618 – Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-0618
11 Feb 2020 — A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'. Se presenta una vulnerabilidad de ejecución de código remota en Microsoft SQL Server Reporting Services cuando maneja inapropiadamente las peticiones de página, también se conoce como "Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability". A vulnerability exists within Micro... • https://packetstorm.news/files/id/159216 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2017-8516
https://notcve.org/view.php?id=CVE-2017-8516
08 Aug 2017 — Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly enforces permissions, aka "Microsoft SQL Server Analysis Services Information Disclosure Vulnerability". Microsoft SQL Server Analysis Services en Microsoft SQL Server 2012, Microsoft SQL Server 2014, y Microsoft SQL Server 2016 permite una vulnerabilidad de divulgación de información cuando aplica permisos de forma in... • http://www.securityfocus.com/bid/100041 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 15%CPEs: 4EXPL: 0CVE-2016-7253
https://notcve.org/view.php?id=CVE-2016-7253
10 Nov 2016 — The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Server Agent Elevation of Privilege Vulnerability." El agente en Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2 y 2016 no comprueba correctamente el atxcore.dll ACL, lo que permite a usuarios remotos autenticados obtener privilegios a través de vectores no especificados, vulner... • http://www.securityfocus.com/bid/94056 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 14%CPEs: 2EXPL: 0CVE-2016-7254
https://notcve.org/view.php?id=CVE-2016-7254
10 Nov 2016 — Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability." Microsoft SQL Server 2012 SP2 y 2012 SP3 no realiza correctamente el molde de un puntero no especificado, lo que permite usuarios remotos autenticados obtener privilegios a través de vectores desconocidos, vulnerabilidad también conocida como "SQL RDBMS Engine Elevati... • http://www.securityfocus.com/bid/94061 • CWE-264: Permissions, Privileges, and Access Controls •