cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-36728,https://securityvulnerability.io/vulnerability/CVE-2023-36728,Microsoft SQL Server Denial of Service Vulnerability,Microsoft SQL Server Denial of Service Vulnerability,Microsoft,"Microsoft Sql Server 2019 (cu 22),Microsoft Sql Server 2022 (cu 8),Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2014 Service Pack 3 (gdr),Microsoft Sql Server 2014 Service Pack 3 (cu 4),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2016 Service Pack 3 (gdr),Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack,Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Ole Db Driver 19 For Sql Server,Microsoft Ole Db Driver 18 For Sql Server,Microsoft Odbc Driver 17 For Sql Server On Windows,Microsoft Odbc Driver 17 For Sql Server On Linux,Microsoft Odbc Driver 17 For Sql Server On Mac OS,Microsoft Odbc Driver 18 For Sql Server On Windows,Microsoft Odbc Driver 18 For Sql Server On Linux,Microsoft Odbc Driver 18 For Sql Server On Mac OS",5.5,MEDIUM,0.00046999999904073775,false,false,false,false,,false,false,2023-10-10T18:15:00.000Z,0
CVE-2023-23384,https://securityvulnerability.io/vulnerability/CVE-2023-23384,Microsoft SQL Server Remote Code Execution Vulnerability,"A significant vulnerability in Microsoft SQL Server could allow an attacker to execute arbitrary code remotely, potentially compromising the integrity and confidentiality of the database environment. This vulnerability poses a threat to user data and overall system security, making it crucial for organizations to apply necessary updates and mitigations promptly. For more details, please refer to the official Microsoft advisory.",Microsoft,"Microsoft Sql Server 2008 Service Pack 4 (qfe),Microsoft Sql Server 2012 Service Pack 4 (qfe),Microsoft Sql Server 2012 For X64-based Systems Service Pack 4 (qfe),Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2008 R2 Service Pack 3 (qfe),Microsoft Sql Server 2014 Service Pack 3 (gdr),Microsoft Sql Server 2014 Service Pack 3 (cu 4),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2016 Service Pack 3 (gdr),Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack,Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2019 (cu 18),Microsoft Sql Server 2022 (gdr)",7.3,HIGH,0.003719999920576811,false,false,false,false,,false,false,2023-04-11T21:15:00.000Z,0
CVE-2023-21705,https://securityvulnerability.io/vulnerability/CVE-2023-21705,Microsoft SQL Server Remote Code Execution Vulnerability,"A vulnerability in Microsoft SQL Server allows remote attackers to execute arbitrary code by sending specially crafted requests. This issue affects several versions of SQL Server, potentially compromising the confidentiality, integrity, and availability of the database system. Affected users should prioritize applying security updates provided by Microsoft to mitigate the risks associated with this vulnerability.",Microsoft,"Microsoft Sql Server 2012 Service Pack 4 (qfe),Microsoft Sql Server 2012 For X64-based Systems Service Pack 4 (qfe),Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2014 Service Pack 3 (gdr),Microsoft Sql Server 2014 Service Pack 3 (cu 4),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2016 Service Pack 3 (gdr),Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack,Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2019 (cu 18)",8.8,HIGH,0.0028699999675154686,false,false,false,false,,false,false,2023-02-14T20:15:00.000Z,0
CVE-2023-21718,https://securityvulnerability.io/vulnerability/CVE-2023-21718,Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability,"A remote code execution vulnerability exists when the Microsoft ODBC Driver for SQL Server improperly handles objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code on the affected system. To exploit the vulnerability, an attacker would need to send a specially crafted request to the SQL Server, potentially compromising the confidentiality, integrity, and availability of affected systems. Users are advised to update to the latest version to mitigate risk.",Microsoft,"Microsoft Sql Server 2012 Service Pack 4 (qfe),Microsoft Sql Server 2012 For X64-based Systems Service Pack 4 (qfe),Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2014 Service Pack 3 (gdr),Microsoft Sql Server 2014 Service Pack 3 (cu 4),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2016 Service Pack 3 (gdr),Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack,Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr),Microsoft Sql Server 2019 (cu 18),Microsoft Sql Server 2008 R2 Service Pack 3 (qfe),Microsoft Sql Server 2008 Service Pack 4 (qfe)",7.8,HIGH,0.0028699999675154686,false,false,false,false,,false,false,2023-02-14T20:15:00.000Z,0
CVE-2023-21704,https://securityvulnerability.io/vulnerability/CVE-2023-21704,Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability,"The Microsoft ODBC Driver for SQL Server contains a vulnerability that allows remote code execution under certain conditions. An attacker exploiting this weakness could potentially gain unauthorized access and control over affected systems, leading to data compromise and disruption of services. It is crucial for users and administrators to apply the recommended updates to safeguard their infrastructures against this security threat. For detailed guidance on mitigation and updates, refer to the official vendor advisory.",Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2014 Service Pack 3 (gdr),Microsoft Sql Server 2014 Service Pack 3 (cu 4),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2016 Service Pack 3 (gdr),Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack,Microsoft Sql Server 2019 (cu 18),Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr)",7.8,HIGH,0.0028699999675154686,false,false,false,false,,false,false,2023-02-14T20:15:00.000Z,0
CVE-2023-21713,https://securityvulnerability.io/vulnerability/CVE-2023-21713,Microsoft SQL Server Remote Code Execution Vulnerability,"A vulnerability has been identified in Microsoft SQL Server that could allow an attacker to execute arbitrary code on the affected server. This flaw potentially enables remote code execution, which can lead to unauthorized access and control over the database environment. It is essential for organizations using affected SQL Server versions to apply security updates and mitigations promptly to protect against this risk.",Microsoft,"Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack,Microsoft Sql Server 2014 Service Pack 3 (cu 4),Microsoft Sql Server 2014 Service Pack 3 (gdr),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2016 Service Pack 3 (gdr),Microsoft Sql Server 2012 Service Pack 4 (qfe),Microsoft Sql Server 2012 For X64-based Systems Service Pack 4 (qfe),Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2019 (cu 18),Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2022 (gdr)",8.8,HIGH,0.0028699999675154686,false,false,false,false,,false,false,2023-02-14T20:15:00.000Z,0
CVE-2023-21528,https://securityvulnerability.io/vulnerability/CVE-2023-21528,Microsoft SQL Server Remote Code Execution Vulnerability,"This vulnerability in Microsoft SQL Server allows remote attackers to execute arbitrary code on the server by exploiting a flaw in the configuration or operational parameters of the database service. It poses significant risks to data integrity and confidentiality, making it crucial for administrators to apply relevant patches and secure configurations to mitigate potential exploitation.",Microsoft,"Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack,Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2016 Service Pack 3 (gdr),Microsoft Sql Server 2014 Service Pack 3 (gdr),Microsoft Sql Server 2014 Service Pack 3 (cu 4),Microsoft Sql Server 2012 Service Pack 4 (qfe),Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2012 For X64-based Systems Service Pack 4 (qfe),Microsoft Sql Server 2017 (cu 31),Microsoft Sql Server 2019 (cu 18),Microsoft Sql Server 2008 Service Pack 4 (qfe),Microsoft Sql Server 2008 R2 Service Pack 3 (qfe),Microsoft Sql Server 2022 (gdr)",7.8,HIGH,0.0028699999675154686,false,false,false,false,,false,false,2023-02-14T20:15:00.000Z,0
CVE-2022-29143,https://securityvulnerability.io/vulnerability/CVE-2022-29143,Microsoft SQL Server Remote Code Execution Vulnerability,Microsoft SQL Server Remote Code Execution Vulnerability,Microsoft,"Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2014 Service Pack 3 (gdr),Microsoft Sql Server 2016 For X64-based Systems Service Pack 2 (gdr),Microsoft Sql Server 2014 Service Pack 3 (cu 4),Microsoft Sql Server 2019 (gdr),Microsoft Sql Server 2019 (cu 16),Microsoft Sql Server 2017 (cu 29),Microsoft Sql Server 2016 Service Pack 2 (cu 17),Microsoft Sql Server 2016 Service Pack 3 (gdr),Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack",7.5,HIGH,0.005940000060945749,false,false,false,false,,false,false,2022-06-15T21:51:15.000Z,0
CVE-2021-1636,https://securityvulnerability.io/vulnerability/CVE-2021-1636,Microsoft SQL Elevation of Privilege Vulnerability,Microsoft SQL Elevation of Privilege Vulnerability,Microsoft,"Microsoft Sql Server 2012 Service Pack 4 (qfe),Microsoft Sql Server 2012 For X64-based Systems Service Pack 4 (qfe),Microsoft Sql Server 2017 (gdr),Microsoft Sql Server 2014 Service Pack 3 (gdr),Microsoft Sql Server 2016 For X64-based Systems Service Pack 2 (gdr),Microsoft Sql Server 2014 Service Pack 3 (cu 4),Microsoft Sql Server 2017 (cu 22),Microsoft Sql Server 2016 Service Pack 2 (cu 15),Microsoft Sql Server 2019 (cu 8),Microsoft Sql Server 2019 (gdr)",8.8,HIGH,0.0015699999639764428,false,false,false,true,true,false,false,2021-01-12T19:41:55.000Z,0
CVE-2020-0618,https://securityvulnerability.io/vulnerability/CVE-2020-0618,,"A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.",Microsoft,"Microsoft Sql Server,Microsoft Sql Server 2014 Service Pack 3 For X64-based Systems (gdr),Microsoft Sql Server 2014 Service Pack 3 For X64-based Systems (cu),Microsoft Sql Server 2016 For X64-based Systems Service Pack 2 (gdr),Microsoft Sql Server 2014 Service Pack 3 For 32-bit Systems (gdr),Microsoft Sql Server 2014 Service Pack 3 For 32-bit Systems (cu)",8.8,HIGH,0.9740599989891052,true,false,false,true,true,false,false,2020-02-11T21:22:45.000Z,0
CVE-2019-1068,https://securityvulnerability.io/vulnerability/CVE-2019-1068,,"A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'.",Microsoft,"Microsoft Sql Server 2014 Service Pack 2 For 32-bit Systems (gdr),Microsoft Sql Server,Microsoft Sql Server 2014 Service Pack 2 For X64-based Systems (gdr),Microsoft Sql Server 2016 For X64-based Systems Service Pack 1 (gdr),Microsoft Sql Server 2017 For X64-based Systems (gdr),Microsoft Sql Server 2016 For X64-based Systems Service Pack 2 (gdr),Microsoft Sql Server 2014 Service Pack 3 For X64-based Systems (gdr),Microsoft Sql Server 2014 Service Pack 3 For X64-based Systems (cu),Microsoft Sql Server 2014 Service Pack 3 For 32-bit Systems (gdr),Microsoft Sql Server 2014 Service Pack 3 For 32-bit Systems (cu)",8.8,HIGH,0.025129999965429306,false,false,false,true,true,false,false,2019-07-15T18:56:20.000Z,0