Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firebird firebird vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-41038
Firebird is a relational database. Versions 4.0.0 up to and including 4.0.3 and version 5.0 beta1 are vulnerable to a server crash when a user uses a specific form of SET BIND statement. Any non-privileged user with minimum access to a server may type a statement with a long `CHA...
NA
CVE-2022-29549
An issue exists in Qualys Cloud Agent 4.8.0-49. It executes programs at various full pathnames without first making ownership and permission checks (e.g., to help ensure that a program was installed by root) and without integrity checks (e.g., a checksum comparison against known ...
Qualys Cloud Agent For Linux
4.3
CVSSv2
CVE-2021-21704
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid respon...
Php Php
Netapp Clustered Data Ontap -
5
CVSSv2
CVE-2021-21705
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly p...
Php Php
Netapp Clustered Data Ontap -
Oracle Sd-wan Aware 8.2
5.5
CVSSv2
CVE-2020-10552
An issue exists in Psyprax prior to 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be accessed dire...
Psyprax Psyprax
9
CVSSv2
CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement.
Firebirdsql Firebird 2.5.7
Firebirdsql Firebird 3.0.2
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.5
CVSSv2
CVE-2017-6369
Insufficient checks in the UDF subsystem in Firebird 2.5.x prior to 2.5.7 and 3.0.x prior to 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so.
Firebirdsql Firebird 2.5.3
Firebirdsql Firebird 2.5.5
Firebirdsql Firebird 2.5.6
Firebirdsql Firebird 2.5.4
Firebirdsql Firebird 2.5.1
Firebirdsql Firebird 2.5.2
Firebirdsql Firebird 3.0.1
Firebirdsql Firebird 3.0
4
CVSSv2
CVE-2016-1569
FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter.
Firebirdsql Firebird 2.5.5
10
CVSSv2
CVE-2015-2788
Multiple stack-based buffer overflows in the ib_fill_isqlda function in dbdimp.c in DBD-Firebird prior to 1.19 allow remote malicious users to have unspecified impact via unknown vectors that trigger an error condition, related to binding octets to columns.
Debian Debian Linux 7.0
Debian Dbd-firebird
5
CVSSv2
CVE-2014-9323
The xdr_status_vector function in Firebird prior to 2.1.7 and 2.5.x prior to 2.5.3 SU1 allows remote malicious users to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status.
Firebirdsql Firebird
Opensuse Evergreen 11.4
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »