Software Detail
Title
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
Number of items displayed
Microsoft SQL Server Number Of NVD 108 CRITICAL 0 HIGH 75 MEDIUM 30 LOW 3
URL https://www.microsoft.com/ja-jp/sql-server/
Explanation It is a relational database management system (RDBMS) provided by Microsoft, and like other Windows products, it can be operated in various ways from the GUI (screen).
The support end date depends on the service pack provided.
If a new service pack is provided, the old service pack will be supported for 12 months.
Tag
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://support.microsoft.com/ja-jp/lifecycle/search?alpha=SQL%20Server
2 https://sqlserverbuilds.blogspot.com/
3 https://learn.microsoft.com/ja-jp/lifecycle/policies/fixed
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1 SQL Server 2022 2022 Nov. 16, 2022 Jan. 11, 2028 Jan. 11, 2033 0 18 1 0
2 SQL Server 2019 2019 Nov. 4, 2019 Jan. 7, 2025 Jan. 8, 2030 0 20 1 0
3 SQL Server 2014 Service Pack 3 2014 Oct. 30, 2018 July 9, 2019 July 9, 2024 0 15 3 0
4 SQL Server 2016 Service Pack 2 2016 April 24, 2018 July 13, 2021 July 14, 2026 0 13 3 0
5 SQL Server 2017 2017 Sept. 29, 2017 Oct. 11, 2022 Oct. 12, 2027 0 9 2 0
6 SQL Server 2012 Service Pack 4 2012 July 11, 2017 July 12, 2022 0 12 4 0
7 SQL Server 7.0 7.0 Jan. 1, 2000 0 16 17 3
8 SQL Server 6.5 6.5 Jan. 1, 2000 0 2 1 1
9 SQL Server 6.0 6.0 Jan. 1, 2000 0 1 0 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1 8.7
- 		HIGH
Network 		Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability NVD-CWE-noinfo
CVE-2024-0056 cpe:2.3:a:microsoft:sql_server:2022:cumulative_update_10
cpe:2.3:a:microsoft:sql_server:2022:* 		2024-04-12 05:15
2024-01-10 		Show GitHub Exploit DB Packet Storm
2 7.8
- 		HIGH
Local 		Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2023-36785 cpe:2.3:a:microsoft:sql_server:2022:cumulative_update_8
cpe:2.3:a:microsoft:sql_server:2019:cumulative_update_22 		2023-10-13 07:21
2023-10-11 		Show GitHub Exploit DB Packet Storm
3 7.8
- 		HIGH
Local 		Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2023-36730 cpe:2.3:a:microsoft:sql_server:2022:*
cpe:2.3:a:microsoft:sql_server:2019:* 		2023-10-14 04:42
2023-10-11 		Show GitHub Exploit DB Packet Storm
4 7.8
- 		HIGH
Local 		Microsoft SQL OLE DB Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2023-36417 cpe:2.3:a:microsoft:sql_server:2022:*
cpe:2.3:a:microsoft:sql_server:2019:* 		2023-11-2 11:08
2023-10-11 		Show GitHub Exploit DB Packet Storm
5 7.8
- 		HIGH
Local 		Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2023-36420 cpe:2.3:a:microsoft:sql_server:2022:*
cpe:2.3:a:microsoft:sql_server:2019:* 		2023-11-7 09:15
2023-10-11 		Show GitHub Exploit DB Packet Storm
6 5.5
- 		MEDIUM
Local 		Microsoft SQL Server Denial of Service Vulnerability NVD-CWE-noinfo
CVE-2023-36728 cpe:2.3:a:microsoft:sql_server:2022:*
cpe:2.3:a:microsoft:sql_server:2019:*
cpe:2.3:a:microsoft:sql_server:2017:*… 		2024-04-2 00:44
2023-10-11 		Show GitHub Exploit DB Packet Storm
7 8.8
- 		HIGH
Network 		Microsoft SQL OLE DB Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2023-38169 cpe:2.3:a:microsoft:sql_server:2022:*
cpe:2.3:a:microsoft:sql_server:2019:* 		2023-11-7 08:15
2023-08-9 		Show GitHub Exploit DB Packet Storm
8 7.8
- 		HIGH
Local 		Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2023-32027 cpe:2.3:a:microsoft:sql_server:2022:*
cpe:2.3:a:microsoft:sql_server:2019:* 		2023-06-24 10:32
2023-06-16 		Show GitHub Exploit DB Packet Storm
9 7.8
- 		HIGH
Local 		Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2023-32026 cpe:2.3:a:microsoft:sql_server:2022:*
cpe:2.3:a:microsoft:sql_server:2019:* 		2023-06-27 01:15
2023-06-16 		Show GitHub Exploit DB Packet Storm
10 7.8
- 		HIGH
Local 		Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability NVD-CWE-noinfo
CVE-2023-32025 cpe:2.3:a:microsoft:sql_server:2022:*
cpe:2.3:a:microsoft:sql_server:2019:* 		2023-06-27 01:20
2023-06-16 		Show GitHub Exploit DB Packet Storm