SQL Server Microsoft SQL Server Database Server

Do you want an email whenever new security vulnerabilities are reported in Microsoft SQL Server?

@SQLServer Tweets

RT @windowsserver: �� Ready to launch a low-impact Windows Server migration to #Azure? Enhance your existing Windows Server skillset as you…
Mon May 17 20:30:00 +0000 2021

Whether you’re looking to move on-premises workloads to the cloud or take a cloud-first approach to app development… https://t.co/VhoKXIiAlp
Mon May 17 19:00:00 +0000 2021

RT @msdev: �� Storage is a key factor in Data Engineering. Watch Storage 101 for #AzureSQL and learn how to tell when there is an issue with…
Sun May 16 21:50:51 +0000 2021

In this important session of Data Exposed Live with David Pless and Pam Lahoud we’ll cover tips for getting the bes… https://t.co/vcEQNsCno8
Sun May 16 20:00:02 +0000 2021

���� Take an in-depth look at #AzureSQL Database and Azure SQL Managed Instance in this comprehensive technical imple… https://t.co/VoHwcHai9s
Sun May 16 18:00:00 +0000 2021

By the Year

In 2021 there have been 1 vulnerability in Microsoft SQL Server with an average score of 8.8 out of ten. Last year SQL Server had 1 security vulnerability published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in SQL Server in 2021 could surpass last years number. Interestingly, the average vulnerability score and the number of vulnerabilities for 2021 and last year was the same.

Year Vulnerabilities Average Score
2021 1 8.80
2020 1 8.80
2019 2 7.65
2018 0 0.00

It may take a day or so for new SQL Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft SQL Server Security Vulnerabilities

Microsoft SQL Elevation of Privilege Vulnerability

CVE-2021-1636 8.8 - High - January 12, 2021

Microsoft SQL Elevation of Privilege Vulnerability

SQL Injection

A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests

CVE-2020-0618 8.8 - High - February 11, 2020

A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.

Improper Input Validation

A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions

CVE-2019-1068 8.8 - High - July 15, 2019

A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'.

An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions

CVE-2019-0819 6.5 - Medium - May 16, 2019

An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions, aka 'Microsoft SQL Server Analysis Services Information Disclosure Vulnerability'.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft SQL Server or by Microsoft? Click the Watch button to subscribe.

Microsoft SQL Server
Database Server

subscribe