The purpose of this paper is to analyze a variety of factors arising from database vulnerabilities such as software bugs, misconfigurations, insecure coding practices, and security threats, and to discuss how database administrators (DBAs) response to these database vulnerabilities and threats. In this paper, we not only discuss how authorized users use various techniques to secure data schemes, get privileged access, and keep database system security but also introduce different control measures and mechanisms for granting and revoking privileges in the relational database system. Specifying security mechanisms including discretionary access control, mandatory access control, role-based access control, and Extensible Markup Language (XML) access control against different database threats such as Structured Query Language (SQL) injection attacks that would have caused loss of integrity, availability, and confidentiality. We have addressed specific preventive measures to the one of major database threats, which is SQL injection. From deeply analyzing statistical database security, we have found security problems that need us to pay attention to flow control and covert channels. Finally, we summarized some of the key research results including vulnerability analysis, threat modeling, access control mechanisms, cryptographic techniques, and database forensics.