Microsoft Sql Server 2017 vulnerabilities

92 known vulnerabilities affecting microsoft/sql_server_2017.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL2HIGH87MEDIUM3

Vulnerabilities

Page 3 of 5

CVE-2024-49006HIGHCVSS 8.8≥ 14.0.1000.169, < 14.0.2070.1≥ 14.0.3006.16, < 14.0.3485.12024-11-12

CVE-2024-49006 [HIGH] CWE-122 CVE-2024-49006: SQL Server Native Client Remote Code Execution Vulnerability SQL Server Native Client Remote Code Execution Vulnerability

nvd

CVE-2024-49009HIGHCVSS 8.8≥ 14.0.1000.169, < 14.0.2070.1≥ 14.0.3006.16, < 14.0.3485.12024-11-12

CVE-2024-49009 [HIGH] CWE-122 CVE-2024-49009: SQL Server Native Client Remote Code Execution Vulnerability SQL Server Native Client Remote Code Execution Vulnerability

nvd

CVE-2024-37980CRITICALCVSS 9.8≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-37980 [HIGH] CWE-269 CVE-2024-37980: Microsoft SQL Server Elevation of Privilege Vulnerability Microsoft SQL Server Elevation of Privilege Vulnerability

nvd

CVE-2024-37341CRITICALCVSS 9.8≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-37341 [HIGH] CWE-284 CVE-2024-37341: Microsoft SQL Server Elevation of Privilege Vulnerability Microsoft SQL Server Elevation of Privilege Vulnerability

nvd

CVE-2024-26191HIGHCVSS 8.8≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-26191 [HIGH] CWE-122 CVE-2024-26191: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

nvd

CVE-2024-37335HIGHCVSS 8.8≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-37335 [HIGH] CWE-122 CVE-2024-37335: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

nvd

CVE-2024-37339HIGHCVSS 8.8≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-37339 [HIGH] CWE-822 CVE-2024-37339: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

nvd

CVE-2024-37340HIGHCVSS 8.8≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-37340 [HIGH] CWE-822 CVE-2024-37340: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

nvd

CVE-2024-37338HIGHCVSS 8.8≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-37338 [HIGH] CWE-125 CVE-2024-37338: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

nvd

CVE-2024-43474HIGHCVSS 7.5≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-43474 [HIGH] CWE-170 CVE-2024-43474: Microsoft SQL Server Information Disclosure Vulnerability Microsoft SQL Server Information Disclosure Vulnerability

nvd

CVE-2024-26186HIGHCVSS 8.8≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-26186 [HIGH] CWE-416 CVE-2024-26186: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

nvd

CVE-2024-37966HIGHCVSS 7.1≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-37966 [HIGH] CWE-125 CVE-2024-37966: Microsoft SQL Server Native Scoring Information Disclosure Vulnerability Microsoft SQL Server Native Scoring Information Disclosure Vulnerability

nvd

CVE-2024-37965HIGHCVSS 8.8≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-37965 [HIGH] CWE-20 CVE-2024-37965: Microsoft SQL Server Elevation of Privilege Vulnerability Microsoft SQL Server Elevation of Privilege Vulnerability

nvd

CVE-2024-37337MEDIUMCVSS 4.3≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-37337 [HIGH] CWE-197 CVE-2024-37337: Microsoft SQL Server Native Scoring Information Disclosure Vulnerability Microsoft SQL Server Native Scoring Information Disclosure Vulnerability

nvd

CVE-2024-37342MEDIUMCVSS 4.3≥ 14.0.1000.169, < 14.0.2060.1≥ 14.0.3006.16, < 14.0.3475.12024-09-10

CVE-2024-37342 [HIGH] CWE-125 CVE-2024-37342: Microsoft SQL Server Native Scoring Information Disclosure Vulnerability Microsoft SQL Server Native Scoring Information Disclosure Vulnerability

nvd

CVE-2024-35256HIGHCVSS 8.8fixed in 14.0.2056.2≥ 14.0.3456.2, < 14.0.3471.22024-07-09

CVE-2024-35256 [HIGH] CWE-122 CVE-2024-35256: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

nvd

CVE-2024-21308HIGHCVSS 8.8≥ 14.0.1000.169, < 14.0.2056.2≥ 14.0.3006.16, < 14.0.3471.22024-07-09

CVE-2024-21308 [HIGH] CWE-416 CVE-2024-21308: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

nvd

CVE-2024-37327HIGHCVSS 8.8fixed in 14.0.2056.2≥ 14.0.3456.2, < 14.0.3471.22024-07-09

CVE-2024-37327 [HIGH] CWE-122 CVE-2024-37327: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

nvd

CVE-2024-37328HIGHCVSS 8.8fixed in 14.0.2056.2≥ 14.0.3456.2, < 14.0.3471.22024-07-09

CVE-2024-37328 [HIGH] CWE-122 CVE-2024-37328: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

nvd

CVE-2024-38087HIGHCVSS 8.8fixed in 14.0.2056.2≥ 14.0.3456.2, < 14.0.3471.22024-07-09

CVE-2024-38087 [HIGH] CWE-415 CVE-2024-38087: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

nvd

← Previous3 / 5Next →