Every CVE whose affected-product data names Microsoft Sql Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (108)
CVE-2002-0721 — CVSS 10.0 (critical): Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions…
CVE-2002-1145 — CVSS 10.0 (critical): The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and…
CVE-2018-8273 — CVSS 9.8 (critical): A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka…
CVE-2009-2504 — CVSS 9.3 (critical): Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2…
CVE-2007-5348 — CVSS 9.3 (critical): Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server…
CVE-2009-3126 — CVSS 9.3 (critical): Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft…
CVE-2009-2500 — CVSS 9.3 (critical): Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft…
CVE-2009-2501 — CVSS 9.3 (critical): Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007…
CVE-2009-2503 — CVSS 9.3 (critical): GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft…
CVE-2009-2528 — CVSS 9.3 (critical): GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to…
CVE-2008-3012 — CVSS 9.3 (critical): gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008…
CVE-2008-3013 — CVSS 9.3 (critical): gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008…
CVE-2008-3014 — CVSS 9.3 (critical): Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold…
CVE-2008-3015 — CVSS 9.3 (critical): Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1…
CVE-2008-0107 — CVSS 9.0 (critical): Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2…
CVE-2008-0086 — CVSS 9.0 (critical): Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine…
CVE-2008-0106 — CVSS 9.0 (critical): Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to…
CVE-2008-5416 — CVSS 9.0 (critical): Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000)…
CVE-2019-1068 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka…
CVE-2016-7254 — CVSS 8.8 (high): Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated…
CVE-2016-7253 — CVSS 8.8 (high): The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which…
CVE-2016-7250 — CVSS 8.8 (high): Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly perform a cast of an unspecified pointer, which allows remote…
CVE-2016-7249 — CVSS 8.8 (high): Microsoft SQL Server 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain…
CVE-2024-0056 — CVSS 8.7 (high): Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
CVE-2015-1763 — CVSS 8.5 (high): Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 does not prevent use of uninitialized memory in…
CVE-2009-2502 — CVSS 8.1 (high): Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office…
CVE-2008-4110 — CVSS 7.6 (high): Buffer overflow in the SQLVDIRLib.SQLVDirControl ActiveX control in Tools\Binn\sqlvdir.dll in Microsoft SQL Server 2000 (aka SQL Server…
CVE-2017-8516 — CVSS 7.5 (high): Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an…
CVE-2000-0202 — CVSS 7.5 (high): Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote attackers to gain privileges via a malformed Select statement in…
CVE-2001-0542 — CVSS 7.5 (high): Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the…
CVE-2002-0056 — CVSS 7.5 (high): Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1)…
CVE-2002-0154 — CVSS 7.5 (high): Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or…
CVE-2002-0186 — CVSS 7.5 (high): Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code via data…
CVE-2002-0187 — CVSS 7.5 (high): Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via…
CVE-2002-0624 — CVSS 7.5 (high): Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE)…
CVE-2002-0641 — CVSS 7.5 (high): Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows…
CVE-2002-0644 — CVSS 7.5 (high): Buffer overflow in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000…
CVE-2002-0645 — CVSS 7.5 (high): SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow…
CVE-2002-0649 — CVSS 7.5 (high): Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote…
CVE-2002-0859 — CVSS 7.5 (high): Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary…
CVE-2002-0982 — CVSS 7.5 (high): Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter…
CVE-2002-1123 — CVSS 7.5 (high): Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote…
CVE-2002-1137 — CVSS 7.5 (high): Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft…
CVE-2002-1138 — CVSS 7.5 (high): Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, writes output files…
CVE-2002-1872 — CVSS 7.5 (high): Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers…
CVE-2007-4814 — CVSS 7.5 (high): Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft…
CVE-2001-0344 — CVSS 7.2 (high): An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mixed Mode allows local database users to gain privileges by reusing a…
CVE-1999-1556 — CVSS 7.2 (high): Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion…
CVE-2002-0642 — CVSS 7.2 (high): The registry key containing the SQL Server service account information in Microsoft SQL Server 2000, including Microsoft SQL Server Desktop…
CVE-2003-0232 — CVSS 7.2 (high): Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls…
CVE-2000-0199 — CVSS 7.2 (high): When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password"…
CVE-2003-0230 — CVSS 7.2 (high): Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another…
CVE-2015-1762 — CVSS 7.1 (high): Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014, when transactional replication is configured, does…
CVE-2014-4061 — CVSS 6.8 (medium): Microsoft SQL Server 2008 SP3, 2008 R2 SP2, and 2012 SP1 does not properly control use of stack memory for processing of T-SQL batch…
CVE-2015-1761 — CVSS 6.5 (medium): Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified…
CVE-2019-0819 — CVSS 6.5 (medium): An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions…
CVE-2016-7252 — CVSS 6.5 (medium): Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows remote authenticated users to gain privileges via unspecified…
CVE-2016-7251 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the MDS API in Microsoft SQL Server 2016 allows remote attackers to inject arbitrary web script…
CVE-2002-0650 — CVSS 5.0 (medium): The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a…
CVE-2004-1560 — CVSS 5.0 (medium): Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service halt) via a long request to TCP port…
CVE-2003-0231 — CVSS 5.0 (medium): Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long…
CVE-2002-1981 — CVSS 5.0 (medium): Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the (1) sp_MSSetServerProperties or (2)…
CVE-2002-0729 — CVSS 5.0 (medium): Microsoft SQL Server 2000 allows remote attackers to cause a denial of service via a malformed 0x08 packet that is missing a colon…
CVE-2002-0224 — CVSS 5.0 (medium): The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through…
CVE-2002-0057 — CVSS 5.0 (medium): XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote…
CVE-2001-0879 — CVSS 5.0 (medium): Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
CVE-2001-0509 — CVSS 5.0 (medium): Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT…
CVE-2008-0085 — CVSS 5.0 (medium): SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop…
CVE-2000-0654 — CVSS 4.6 (medium): Microsoft Enterprise Manager allows local users to obtain database passwords via the Data Transformation Service (DTS) package Registered…
CVE-2000-0603 — CVSS 4.6 (medium): Microsoft SQL Server 7.0 allows a local user to bypass permissions for stored procedures by referencing them via a temporary stored…
CVE-2000-1087 — CVSS 4.6 (medium): The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of…
CVE-2000-1088 — CVSS 4.6 (medium): The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a…
CVE-2000-1086 — CVSS 4.6 (medium): The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of…
CVE-2000-1085 — CVSS 4.6 (medium): The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a…
CVE-2000-1084 — CVSS 4.6 (medium): The xp_updatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer…
CVE-2002-0643 — CVSS 4.6 (medium): The installation of Microsoft Data Engine 1.0 (MSDE 1.0), and Microsoft SQL Server 2000 creates setup.iss files with insecure permissions…
CVE-2000-1082 — CVSS 4.6 (medium): The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a…
CVE-2000-1081 — CVSS 4.6 (medium): The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a…
CVE-2012-2552 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL…
CVE-1999-0999 — CVSS 4.3 (medium): Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.
CVE-2014-1820 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Master Data Services (MDS) in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows…
CVE-2011-1280 — CVSS 4.3 (medium): The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio…
CVE-2000-1083 — CVSS 2.1 (low): The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer…
CVE-2000-0402 — CVSS 2.1 (low): The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log…
CVE-2000-0485 — CVSS 2.1 (low): Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog…