This page lists publicly disclosed CVE vulnerabilities affecting microsoft sql_server_express_edition (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2008-0106 | Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement. | [email protected] | 9.0 | 70.60% | 2008-07-08 | 2026-04-23 |
| CVE-2008-0086 | Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression. | [email protected] | 9.0 | 71.73% | 2008-07-08 | 2026-04-23 |