Vulnerability Details CVE-2025-49717
Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.9%
CVSS Severity
CVSS v3 Score 8.5
Products affected by CVE-2025-49717
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.2000.5
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.2101.7
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.2104.1
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.2110.4
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.2116.2
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.2120.1
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.2130.3
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4003.23
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4013.40
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4023.6
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4033.1
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4298.1
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4312.2
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4316.3
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4322.2
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4326.1
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4335.1
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4345.5
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4355.3
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4360.2
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4365.2
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4375.4
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4382.1
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4385.2
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4390.2
-
cpe:2.3:a:microsoft:sql_server_2019:15.0.4410.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.1000.6
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.1050.5
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.1105.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.1110.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.1115.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.1121.4
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.1125.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.1130.5
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.1135.2
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4003.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4015.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4025.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4035.4
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4045.3
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4055.4
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4065.3
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4075.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4080.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4085.2
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4095.4
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4100.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4105.2
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4115.5
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4120.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4125.3
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4131.2
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4135.4
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4140.3
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4150.1
-
cpe:2.3:a:microsoft:sql_server_2022:16.0.4155.4