Medium severity6.2NVD Advisory· Published Mar 11, 2026· Updated Apr 15, 2026

CVE-2019-25475

Description

SQL Server Password Changer 1.90 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can inject 6000 bytes of data into the User Name and Registration Code field to trigger a denial of service condition.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/47318nvd
www.vulncheck.com/advisories/sql-server-password-changer-denial-of-service-buffer-overflownvd

News mentions

No linked articles in our index yet.

cvss	0.403
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000