SQL Server
by Microsoft
CVEs (109)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-43474 | 0.01 | — | 0.01 | Sep 10, 2024 | Microsoft SQL Server Information Disclosure Vulnerability | |||
| CVE-2021-1636 | 0.01 | — | 0.06 | Jan 12, 2021 | Microsoft SQL Elevation of Privilege Vulnerability | |||
| CVE-2015-1763 | 0.01 | — | 0.12 | Jul 14, 2015 | Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 does not prevent use of uninitialized memory in certain attempts to execute virtual functions, which allows remote authenticated users to execute arbitrary code via a crafted query, aka "SQL… | |||
| CVE-2015-1762 | 0.01 | — | 0.10 | Jul 14, 2015 | Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014, when transactional replication is configured, does not prevent use of uninitialized memory in unspecified function calls, which allows remote authenticated users to execute arbitrary code by… | |||
| CVE-2015-1761 | 0.01 | — | 0.18 | Jul 14, 2015 | Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka "SQL Server Elevation of… | |||
| CVE-2014-1820 | 0.01 | — | 0.15 | Aug 12, 2014 | Cross-site scripting (XSS) vulnerability in Master Data Services (MDS) in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "SQL Master Data Services XSS Vulnerability." | |||
| CVE-2012-2552 | 0.01 | — | 0.16 | Oct 9, 2012 | Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote attackers to inject arbitrary web script or HTML via an unspecified… | |||
| CVE-2011-1280 | 0.01 | — | 0.15 | Jun 16, 2011 | The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express (SSMSE) 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote… | |||
| CVE-2008-4110 | 0.01 | — | 0.18 | Sep 16, 2008 | Buffer overflow in the SQLVDIRLib.SQLVDirControl ActiveX control in Tools\Binn\sqlvdir.dll in Microsoft SQL Server 2000 (aka SQL Server 8.0) allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long URL in the second… | |||
| CVE-2008-0085 | 0.01 | — | 0.11 | Jul 8, 2008 | SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating… | |||
| CVE-2002-1145 | 0.01 | — | 0.08 | Oct 28, 2002 | The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop Engine (MSDE) 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is… | |||
| CVE-2002-1137 | 0.01 | — | 0.09 | Oct 11, 2002 | Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a… | |||
| CVE-2002-0729 | 0.01 | — | 0.11 | Aug 12, 2002 | Microsoft SQL Server 2000 allows remote attackers to cause a denial of service via a malformed 0x08 packet that is missing a colon separator. | |||
| CVE-2002-0650 | 0.01 | — | 0.18 | Aug 12, 2002 | The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system, which causes the two… | |||
| CVE-2002-0641 | 0.01 | — | 0.11 | Jul 23, 2002 | Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query. | |||
| CVE-2001-0879 | 0.01 | — | 0.08 | Dec 20, 2001 | Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service. | |||
| CVE-2001-0542 | 0.01 | — | 0.14 | Dec 20, 2001 | Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is… | |||
| CVE-2001-0509 | 0.01 | — | 0.17 | Sep 20, 2001 | Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. | |||
| CVE-2000-0202 | 0.01 | — | 0.10 | Mar 8, 2000 | Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote attackers to gain privileges via a malformed Select statement in an SQL query. | |||
| CVE-2025-47954 | 0.00 | — | 0.01 | Aug 12, 2025 | Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. |
- CVE-2024-43474Sep 10, 2024risk 0.01cvss —epss 0.01
Microsoft SQL Server Information Disclosure Vulnerability
- CVE-2021-1636Jan 12, 2021risk 0.01cvss —epss 0.06
Microsoft SQL Elevation of Privilege Vulnerability
- CVE-2015-1763Jul 14, 2015risk 0.01cvss —epss 0.12
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 does not prevent use of uninitialized memory in certain attempts to execute virtual functions, which allows remote authenticated users to execute arbitrary code via a crafted query, aka "SQL…
- CVE-2015-1762Jul 14, 2015risk 0.01cvss —epss 0.10
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014, when transactional replication is configured, does not prevent use of uninitialized memory in unspecified function calls, which allows remote authenticated users to execute arbitrary code by…
- CVE-2015-1761Jul 14, 2015risk 0.01cvss —epss 0.18
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka "SQL Server Elevation of…
- CVE-2014-1820Aug 12, 2014risk 0.01cvss —epss 0.15
Cross-site scripting (XSS) vulnerability in Master Data Services (MDS) in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "SQL Master Data Services XSS Vulnerability."
- CVE-2012-2552Oct 9, 2012risk 0.01cvss —epss 0.16
Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote attackers to inject arbitrary web script or HTML via an unspecified…
- CVE-2011-1280Jun 16, 2011risk 0.01cvss —epss 0.15
The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express (SSMSE) 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote…
- CVE-2008-4110Sep 16, 2008risk 0.01cvss —epss 0.18
Buffer overflow in the SQLVDIRLib.SQLVDirControl ActiveX control in Tools\Binn\sqlvdir.dll in Microsoft SQL Server 2000 (aka SQL Server 8.0) allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long URL in the second…
- CVE-2008-0085Jul 8, 2008risk 0.01cvss —epss 0.11
SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating…
- CVE-2002-1145Oct 28, 2002risk 0.01cvss —epss 0.08
The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop Engine (MSDE) 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is…
- CVE-2002-1137Oct 11, 2002risk 0.01cvss —epss 0.09
Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a…
- CVE-2002-0729Aug 12, 2002risk 0.01cvss —epss 0.11
Microsoft SQL Server 2000 allows remote attackers to cause a denial of service via a malformed 0x08 packet that is missing a colon separator.
- CVE-2002-0650Aug 12, 2002risk 0.01cvss —epss 0.18
The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server system, which causes the two…
- CVE-2002-0641Jul 23, 2002risk 0.01cvss —epss 0.11
Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query.
- CVE-2001-0879Dec 20, 2001risk 0.01cvss —epss 0.08
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
- CVE-2001-0542Dec 20, 2001risk 0.01cvss —epss 0.14
Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is…
- CVE-2001-0509Sep 20, 2001risk 0.01cvss —epss 0.17
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs.
- CVE-2000-0202Mar 8, 2000risk 0.01cvss —epss 0.10
Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote attackers to gain privileges via a malformed Select statement in an SQL query.
- CVE-2025-47954Aug 12, 2025risk 0.00cvss —epss 0.01
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
Page 4 of 6