Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database server vulnerabilities and exploits
(subscribe to this query)
2.4
CVSSv3
CVE-2023-22074
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with netw...
Oracle Database Server
1 Github repository
2.4
CVSSv3
CVE-2023-22075
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Create Any View, Select Any Table privile...
Oracle Database Server
4.9
CVSSv3
CVE-2023-22077
Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having DBA account privilege with network access via Ora...
Oracle Database Server
4.3
CVSSv3
CVE-2023-22096
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle N...
Oracle Database Server
9.8
CVSSv3
CVE-2023-41262
An issue exists in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer prior to 19.3.1. The csvExportReport endpoint action generateCSV is vulnerable to SQL injection through the sorting parameter, allowing an unauthenticated user to execute arbitrary SQL statements in the context of the...
Plixer Scrutinizer
3.7
CVSSv3
CVE-2023-41335
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabilities—it already lea...
Matrix Synapse
Fedoraproject Fedora 37
Fedoraproject Fedora 38
7.2
CVSSv3
CVE-2023-40046
In WS_FTP Server versions before 8.7.4 and 8.8.2, a SQL injection vulnerability exists in the WS_FTP Server manager interface. An attacker may be able to infer information about the structure and contents of the database and execute SQL statements that alter or delete database e...
Progress Ws Ftp Server
5.9
CVSSv3
CVE-2023-4813
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured wit...
Gnu Glibc
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Server Tus 8.8
Redhat Enterprise Linux Eus 8.8
Redhat Enterprise Linux Server Aus 9.2
Redhat Enterprise Linux Eus 9.2
Redhat Enterprise Linux For Power Little Endian 9.2 Ppc64le
Redhat Enterprise Linux For Power Little Endian Eus 9.2 Ppc64le
Redhat Enterprise Linux For Ibm Z Systems S390x 9.2
Redhat Enterprise Linux For Ibm Z Systems Eus S390x 9.2
Fedoraproject Fedora 38
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
8.8
CVSSv3
CVE-2023-40726
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application server responds with sensitive information about the server. This could allow an malicious user to directly access the database.
Siemens Qms Automotive
9.8
CVSSv3
CVE-2023-40309
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could a...
Sap Netweaver Application Server Abap Kernel 7.53
Sap Netweaver Application Server Abap Kernel 7.77
Sap Web Dispatcher 7.53
Sap Web Dispatcher 7.77
Sap Web Dispatcher 7.22ext
Sap Content Server 7.53
Sap Web Dispatcher 7.85
Sap Netweaver Application Server Abap Kernel 7.22
Sap Netweaver Application Server Abap Kernel 8.04
Sap Netweaver Application Server Abap 7.22ext
Sap Netweaver Application Server Abap Kernel 7.85
Sap Web Dispatcher 7.89
Sap Web Dispatcher 7.54
Sap Netweaver Application Server Abap Kernel 7.89
Sap Netweaver Application Server Abap Kernel 7.54
Sap Netweaver Application Server Abap Kernel 7.92
Sap Netweaver Application Server Abap Kernel 7.93
Sap Content Server 6.50
Sap Content Server 7.54
Sap Hana Database 2.0
Sap Host Agent 722
Sap Extended Application Services And Runtime 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »