Multiple vulnerabilities in Microsoft SQL Server

Описание

Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information, gain privileges.

Below is a complete list of vulnerabilities:

1. Improper Handling of Exceptional Conditions vulnerability in Newtonsoft.Json can be explotied to cause denial of service.
2. An information disclosure vulnerability in Microsoft SQL Server can be exploited remotely to obtain sensitive information.
3. An elevation of privilege vulnerability in Microsoft SQL Server can be exploited remotely to gain privileges.

Первичный источник обнаружения

• CVE-2024-21907
  CVE-2025-47997
  CVE-2025-55227
  

Эксплуатация

Public exploits exist for this vulnerability.

Связанные продукты

• Microsoft-SQL-Server

Список CVE

• CVE-2024-21907
  critical
• CVE-2025-47997
  high
• CVE-2025-55227
  critical

Список KB

• 5065223
• 5065227
• 5065224
• 5065225
• 5065220
• 5065222
• 5065226
• 5065221

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com