cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-37980,https://securityvulnerability.io/vulnerability/CVE-2024-37980,Elevation of Privilege Vulnerability,"Microsoft SQL Server is susceptible to a vulnerability that allows an elevation of privilege. This flaw can be exploited by attackers to gain higher access levels than intended, potentially compromising the integrity and confidentiality of the database. Organizations using affected versions of SQL Server should ensure they are implementing adequate security measures and apply any available patches to mitigate this risk effectively.",Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2016 Service Pack 3 (gdr),Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack,Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2019 (cu 28),Microsoft Sql Server 2022 For (cu 14)",8.8,HIGH,0.0005000000237487257,false,false,false,false,,false,false,2024-09-10T16:54:22.310Z,0
CVE-2024-37341,https://securityvulnerability.io/vulnerability/CVE-2024-37341,Elevation of Privilege Vulnerability Affects Microsoft SQL Server,"A vulnerability exists in Microsoft SQL Server that permits an elevation of privilege, potentially allowing an attacker to execute arbitrary code with elevated permissions. This could lead to unauthorized access to sensitive data or manipulation of the database environment. Users of Microsoft SQL Server are encouraged to review the details and implications of the vulnerability, as well as recommended mitigation measures, to secure their systems against potential exploitation.",Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2016 Service Pack 3 (gdr),Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack,Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2022 For (cu 14),Microsoft Sql Server 2019 (cu 28)",9.8,CRITICAL,0.0010100000072270632,false,false,false,false,,false,false,2024-09-10T16:53:54.263Z,0
CVE-2024-37965,https://securityvulnerability.io/vulnerability/CVE-2024-37965,Elevation of Privilege Vulnerability Affects Microsoft SQL Server,"The vulnerability in Microsoft SQL Server allows an attacker to elevate their privileges within the database environment. By exploiting this weakness, unauthorized users could gain elevated access, potentially leading to sensitive data exposure or manipulation. This issue highlights the importance of applying the latest security updates to mitigate the risks associated with unauthorized access and maintain the integrity of database operations.",Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2016 Service Pack 3 (gdr),Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack,Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2022 For (cu 14),Microsoft Sql Server 2019 (cu 28)",8.8,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-09-10T16:53:53.704Z,0
CVE-2024-26191,https://securityvulnerability.io/vulnerability/CVE-2024-26191,Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability,"This vulnerability in Microsoft SQL Server Native Scoring allows attackers to execute arbitrary code remotely, posing significant risks to the security and integrity of the database systems. Successful exploitation occurs when an attacker interacts with affected services, potentially leading to unauthorized access and manipulation of sensitive data. Organizations using Microsoft SQL Server should ensure that they are aware of this issue and take necessary precautions to protect their environments.",Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2022 For (cu 14),Microsoft Sql Server 2019 (cu 28)",8.8,HIGH,0.00046999999904073775,false,false,false,false,,false,false,2024-09-10T16:53:40.880Z,0
CVE-2024-26186,https://securityvulnerability.io/vulnerability/CVE-2024-26186,Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability,"A vulnerability exists within Microsoft SQL Server that allows for remote code execution. This issue is tied to the Native Scoring feature, potentially enabling attackers to execute arbitrary code on the affected system. This flaw could lead to significant security risks if left unpatched. Organizations utilizing Microsoft SQL Server are advised to implement necessary security measures and update their systems as per vendor guidelines to mitigate risks associated with this vulnerability.",Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2019 (cu 28),Microsoft Sql Server 2022 For (cu 14)",8.8,HIGH,0.00046999999904073775,false,false,false,false,,false,false,2024-09-10T16:53:40.280Z,0
CVE-2024-37342,https://securityvulnerability.io/vulnerability/CVE-2024-37342,Microsoft SQL Server Native Scoring Information Disclosure Vulnerability,Microsoft SQL Server Native Scoring Information Disclosure Vulnerability,Microsoft,"Microsoft Sql Server 2019 (cu 28),Microsoft Sql Server 2022 For (cu 14),Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr)",4.3,MEDIUM,0.000699999975040555,false,false,false,false,,false,false,2024-09-10T16:53:39.717Z,0
CVE-2024-37337,https://securityvulnerability.io/vulnerability/CVE-2024-37337,Microsoft SQL Server Native Scoring Information Disclosure Vulnerability,Microsoft SQL Server Native Scoring Information Disclosure Vulnerability,Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2022 For (cu 14),Microsoft Sql Server 2019 (cu 28)",4.3,MEDIUM,0.000699999975040555,false,false,false,false,,false,false,2024-09-10T16:53:39.088Z,0
CVE-2024-37339,https://securityvulnerability.io/vulnerability/CVE-2024-37339,Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability,"Microsoft SQL Server has been identified with a vulnerability within its Native Scoring feature that allows attackers to execute arbitrary code remotely. This vulnerability can be exploited by sending specially crafted requests to the SQL Server, leading to unexpected behavior and potentially compromising sensitive data. Organizations utilizing affected versions of SQL Server should prioritize patching to mitigate risks associated with unauthorized access and ensure the security of their database environments.",Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2022 For (cu 14),Microsoft Sql Server 2019 (cu 28)",8.8,HIGH,0.00046999999904073775,false,false,false,false,,false,false,2024-09-10T16:53:38.546Z,0
CVE-2024-37340,https://securityvulnerability.io/vulnerability/CVE-2024-37340,Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability,"A vulnerability exists in Microsoft SQL Server related to the Native Scoring feature, which could allow remote code execution. If successfully exploited, an attacker could execute arbitrary code on the affected system. The vulnerability arises from improper handling of certain inputs and may affect users who rely on the SQL Server's scoring capabilities. Users are advised to apply the recommended security updates to mitigate potential risks and strengthen their database security.",Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2022 For (cu 14),Microsoft Sql Server 2019 (cu 28)",8.8,HIGH,0.00046999999904073775,false,false,false,false,,false,false,2024-09-10T16:53:37.939Z,0
CVE-2024-37335,https://securityvulnerability.io/vulnerability/CVE-2024-37335,Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability,"The vulnerability in Microsoft SQL Server Native Scoring allows for remote code execution, potentially enabling attackers to run arbitrary code on affected systems. This could lead to unauthorized access and manipulation of sensitive data. Organizations using the impacted SQL Server versions should promptly apply security updates and implement mitigations to safeguard against potential exploitations. Regular security assessments and monitoring are advised to ensure ongoing protection from such vulnerabilities.",Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2019 (cu 28),Microsoft Sql Server 2022 For (cu 14)",8.8,HIGH,0.00046999999904073775,false,false,false,false,,false,false,2024-09-10T16:53:37.267Z,0
CVE-2024-37966,https://securityvulnerability.io/vulnerability/CVE-2024-37966,Microsoft SQL Server Native Scoring Information Disclosure Vulnerability,"The vulnerability pertains to Microsoft SQL Server's native scoring capability, which may inadvertently disclose sensitive information. This flaw enables unauthorized access to confidential data during certain conditions, potentially impacting the confidentiality of sensitive datasets. Organizations utilizing these SQL Server versions are advised to monitor for unusual activity and apply necessary patches to mitigate risks associated with this vulnerability.",Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2022 For (cu 14),Microsoft Sql Server 2019 (cu 28)",7.1,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-09-10T16:53:36.605Z,0
CVE-2024-37338,https://securityvulnerability.io/vulnerability/CVE-2024-37338,Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability,"The vulnerability in Microsoft SQL Server Native Scoring can allow remote code execution when an attacker sends specially crafted requests to the affected SQL Server instance. This may result in unauthorized access to critical systems, posing significant security risks. Users are advised to apply the necessary updates and review security measures to prevent exploitation. For detailed information and mitigation steps, refer to the vendor advisory.",Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2019 (cu 28),Microsoft Sql Server 2022 For (cu 14)",8.8,HIGH,0.00046999999904073775,false,false,false,false,,false,false,2024-09-10T16:53:35.477Z,0