Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sql_server_2019
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 127 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-08-12 | CVE-2025-24999 | Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network. | Sql_server_2016, Sql_server_2017, Sql_server_2019, Sql_server_2022 | 8.8 | ||
| 2025-08-12 | CVE-2025-49758 | Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. | Sql_server_2016, Sql_server_2017, Sql_server_2019, Sql_server_2022 | 8.8 | ||
| 2025-08-12 | CVE-2025-49759 | Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. | Sql_server_2016, Sql_server_2017, Sql_server_2019, Sql_server_2022 | 8.8 | ||
| 2025-08-12 | CVE-2025-53727 | Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. | Sql_server_2016, Sql_server_2017, Sql_server_2019, Sql_server_2022 | 8.8 | ||
| 2025-07-08 | CVE-2025-49717 | Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network. | Sql_server_2019, Sql_server_2022 | 8.5 | ||
| 2025-07-08 | CVE-2025-49718 | Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network. | Sql_server_2019, Sql_server_2022 | 7.5 | ||
| 2025-07-08 | CVE-2025-49719 | Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network. | Sql_server_2016, Sql_server_2017, Sql_server_2019, Sql_server_2022 | 7.5 |