Sql Server Management Studio
Monthly
Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity.
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing malicious XML content containing a reference to an external entity, aka "SQL Server. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XMLA file containing a reference to an external entity, aka "SQL Server. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity.
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing malicious XML content containing a reference to an external entity, aka "SQL Server. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XMLA file containing a reference to an external entity, aka "SQL Server. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.