Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unixodbc unixodbc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1013
An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.
7.8
CVSSv3
CVE-2011-1145
The SQLDriverConnect() function in unixODBC prior to 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
Unixodbc Unixodbc
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Opensuse 11.3
Opensuse Opensuse 11.4
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
9.8
CVSSv3
CVE-2018-14671
In ClickHouse prior to 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability.
Yandex Clickhouse
9.8
CVSSv3
CVE-2018-7485
The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows malicious users to cause a denial of service or possibly have unspecified other impact.
Unixodbc Unixodbc 2.3.5
9.8
CVSSv3
CVE-2018-7409
In unixODBC prior to 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c.
Unixodbc Unixodbc
NA
CVE-2012-2658
Buffer overflow in the SQLDriverConnect function in unixODBC 2.3.1 allows local users to cause a denial of service (crash) via a long string in the DRIVER option. NOTE: this issue might not be a vulnerability, since the ability to set this option typically implies that the attack...
Unixodbc Unixodbc 2.3.1
NA
CVE-2012-2657
Buffer overflow in the SQLDriverConnect function in unixODBC 2.0.10, 2.3.1, and previous versions allows local users to cause a denial of service (crash) via a long string in the FILEDSN option. NOTE: this issue might not be a vulnerability, since the ability to set this option t...
Unixodbc Unixodbc
Unixodbc Unixodbc 2.3.0
Unixodbc Unixodbc 2.0.10
NA
CVE-2005-4279
Untrusted search path vulnerability in Qt-UnixODBC prior to 3.3.4-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Gentoo Qt-unixodbc
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started