Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jdbc vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-3083
Apache Hive (JDBC + HiveServer2) implements SSL for plain TCP and HTTP connections (it supports both transport modes). While validating the server's certificate during the connection setup, the client in Apache Hive prior to 1.2.2 and 2.0.x prior to 2.0.1 doesn't seem t...
Apache Hive 0.13.1
Apache Hive 1.1.1
Apache Hive 1.1.0
Apache Hive 1.0.0
Apache Hive 1.2.0
Apache Hive 0.14.0
Apache Hive 1.2.1
Apache Hive 1.0.1
Apache Hive 0.13.0
4.3
CVSSv2
CVE-2022-22959
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI.
Vmware Cloud Foundation
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware Vrealize Automation 7.6
Vmware Vrealize Automation
Vmware Vrealize Suite Lifecycle Manager
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Workspace One Access 21.08.0.1
6.5
CVSSv2
CVE-2022-25206
A missing check in Jenkins dbCharts Plugin 0.5.2 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified database via JDBC using attacker-specified credentials.
Jenkins Dbcharts
7.5
CVSSv2
CVE-2002-1260
The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and previous versions allow remote malicious users to bypass security checks and access database contents via an untrusted Java applet.
Microsoft Windows 2000 Terminal Services
Microsoft Windows Nt 4.0
Microsoft Windows Xp
Microsoft Windows 98se
Microsoft Windows Me
Microsoft Windows 2000
Microsoft Windows 95
Microsoft Windows 98
7.5
CVSSv2
CVE-2006-2470
Unspecified vulnerability in the WebLogic Server Administration Console for BEA WebLogic Server 9.0 prevents the console from setting custom JDBC security policies correctly, which could allow malicious users to bypass intended policies.
Bea Weblogic Server 9.0
6.9
CVSSv2
CVE-2010-3358
HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Henner Zeller Henplus 0.9.7
5
CVSSv2
CVE-2008-3960
Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote malicious users to cause a denial of service (service crash) via "malicious packets."
Ibm Db2 Universal Database 8.2
Ibm Db2 Universal Database
3.6
CVSSv2
CVE-2014-4289
Unspecified vulnerability in the JDBC component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2014-6544.
Oracle Database Server 12.1.0.1
Oracle Database Server 11.1.0.7
Oracle Database Server 11.2.0.3
Oracle Database Server 11.2.0.4
3.6
CVSSv2
CVE-2014-6544
Unspecified vulnerability in the JDBC component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2014-4289.
Oracle Database Server 11.1.0.7
Oracle Database Server 11.2.0.3
Oracle Database Server 11.2.0.4
Oracle Database Server 12.1.0.1
6.5
CVSSv2
CVE-2021-33523
MashZone NextGen up to and including 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController.
Softwareag Mashzone Nextgen
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »