Microsoft: >> Sql Server 2019 Security Vulnerabilities
Improper neutralization of special elements used in a command ('command injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-09-09
Concurrent execution using shared resource with improper synchronization ('race condition') in SQL Server allows an authorized attacker to disclose information over a network.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-09-09
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-12
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-12
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-12
Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-08-12
Heap-based buffer overflow in SQL Server allows an authorized attacker to execute code over a network.
CVSS Score
8.5
EPSS Score
0.001
Published
2025-07-08
Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.
CVSS Score
7.5
EPSS Score
0.011
Published
2025-07-08
Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network.
CVSS Score
7.5
EPSS Score
0.006
Published
2025-07-08
Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.01
Published
2024-11-12
Page 1