CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-36728 – Microsoft SQL Server Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-36728
10 Oct 2023 — Microsoft SQL Server Denial of Service Vulnerability Vulnerabilidad de denegación de servicio en Microsoft SQL Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36728 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-23384 – Microsoft SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-23384
11 Apr 2023 — Microsoft SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23384 • CWE-122: Heap-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-21713 – Microsoft SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21713
14 Feb 2023 — Microsoft SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21713 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-21718 – Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21718
14 Feb 2023 — Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21718 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-21705 – Microsoft SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21705
14 Feb 2023 — Microsoft SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21705 • CWE-321: Use of Hard-coded Cryptographic Key •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-21704 – Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21704
14 Feb 2023 — Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability Vulnerabilidad de ejecución de código remota de Microsoft ODBC Driver para SQL Server • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21704 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-21528 – Microsoft SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21528
14 Feb 2023 — Microsoft SQL Server Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21528 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-29143 – Microsoft SQL Server Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-29143
15 Jun 2022 — Microsoft SQL Server Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota en Microsoft SQL Server • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29143 •
CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 1CVE-2021-1636 – Microsoft SQL Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-1636
12 Jan 2021 — Microsoft SQL Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Microsoft SQL • https://github.com/Nate0634034090/bug-free-memory • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 4%CPEs: 2EXPL: 0CVE-2020-1044 – SQL Server Reporting Services Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-1044
11 Sep 2020 —
A security feature bypass vulnerability exists in SQL Server Reporting Services (SSRS) when the server improperly validates attachments uploaded to reports. An attacker who successfully exploited this vulnerability could upload file types that were disallowed by an administrator.
To exploit the vulnerability, an authenticated attacker would need to send a specially crafted request to an affected SSRS server.
The update addresses the vulnerability by modifying how SSRS validates attachment u... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1044 • CWE-20: Improper Input Validation •