jdbc vulnerabilities and exploits
NA
CVE-2014-6544
Unspecified vulnerability in the JDBC component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2014-4289.
Oracle Database Server 11.1.0.7
Oracle Database Server 11.2.0.3
Oracle Database Server 11.2.0.4
Oracle Database Server 12.1.0.1
NA
CVE-2014-4289
Unspecified vulnerability in the JDBC component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2014-6544.
Oracle Database Server 12.1.0.1
Oracle Database Server 11.1.0.7
Oracle Database Server 11.2.0.3
Oracle Database Server 11.2.0.4
6.5
CVSSv3
CVE-2022-27216
Jenkins dbCharts Plugin 0.5.2 and previous versions stores JDBC connection passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
Jenkins Dbcharts
7.2
CVSSv3
CVE-2021-33523
MashZone NextGen up to and including 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController.
Softwareag Mashzone Nextgen
8.8
CVSSv3
CVE-2022-36364
Apache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via `httpclient_impl` connection property; however, the driver does not verify if the class implements the expected interface before instantiating it, which can lead to code execution l...
Apache Apache Calcite Avatica
7.2
CVSSv3
CVE-2022-22958
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI whi...
Vmware Cloud Foundation
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware Vrealize Automation
Vmware Vrealize Automation 7.6
Vmware Vrealize Suite Lifecycle Manager
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Workspace One Access 21.08.0.1
NA
CVE-2024-23833
OpenRefine is a free, open source power tool for working with messy data and improving it. A jdbc attack vulnerability exists in OpenRefine(version<=3.7.7) where an attacker may construct a JDBC query which may read files on the host filesystem. Due to the newer MySQL driver l...
NA
CVE-2005-4668
The embedded HSQLDB in ParosProxy prior to 3.2.7, when running with JDK 1.4.2 prior to 1.4.2_08, allows local users to execute arbitrary commands via crafted SQL commands that interact with HSQLDB through JDBC, a similar vulnerability to CVE-2003-0845.
Parosproxy Parosproxy 3.2.1
Parosproxy Parosproxy 3.2.2
Parosproxy Parosproxy 3.2.3
Parosproxy Parosproxy 3.2.4
Parosproxy Parosproxy 3.2.0
Parosproxy Parosproxy 3.2.5
Parosproxy Parosproxy 3.2.6
NA
CVE-2009-0503
IBM WebSphere Message Broker 6.1.x prior to 6.1.0.2 writes a database connection password to the Event Log and System Log during exception handling for a JDBC error, which allows local users to obtain sensitive information by reading these logs.
Ibm Websphere Message Broker 6.1
Ibm Websphere Message Broker
8.8
CVSSv3
CVE-2022-25205
A cross-site request forgery (CSRF) vulnerability in Jenkins dbCharts Plugin 0.5.2 and previous versions allows malicious users to connect to an attacker-specified database via JDBC using attacker-specified credentials and to determine if a class is available in the Jenkins insta...
Jenkins Dbcharts