Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2016-6530
Dentsply Sirona (formerly Schick) CDR Dicom 5 and previous versions has default passwords for the sa and cdr accounts, which allows remote malicious users to obtain administrative access by leveraging knowledge of these passwords.
Dentsply Sirona Cdr Dicom
10
CVSSv2
CVE-2014-9906
Use-after-free vulnerability in DBD::mysql prior to 4.029 allows malicious users to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connection.
Debian Debian Linux 8.0
Dbd-mysql Project Dbd-mysql
10
CVSSv2
CVE-2016-4328
MEDHOST Perioperative Information Management System (aka PIMS or VPIMS) prior to 2015R1 has hardcoded credentials, which makes it easier for remote malicious users to obtain sensitive information via direct requests to the application database server.
Medhost Perioperative Information Management System -
1 Article
10
CVSSv2
CVE-2016-2343
Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote malicious users to obtain sensitive Dental.DB patient information via SQL statements.
Patterson Dental Eaglesoft 17.0
10
CVSSv2
CVE-2015-7828
SAP HANA Database 1.00 SPS10 and previous versions do not require authentication, which allows remote malicious users to execute arbitrary code or have unspecified other impact via a TrexNet packet to the (1) fcopydir, (2) fmkdir, (3) frmdir, (4) getenv, (5) dumpenv, (6) fcopy, (...
Sap Hana
10
CVSSv2
CVE-2015-4863
Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors.
Oracle Database Server 12.1.0.1
Oracle Database Server 12.1.0.2
Oracle Database Server 11.2.0.4
1 Article
10
CVSSv2
CVE-2015-5895
Multiple unspecified vulnerabilities in SQLite prior to 3.8.10.2, as used in Apple iOS prior to 9, have unknown impact and attack vectors.
Sqlite Sqlite
1 EDB exploit
10
CVSSv2
CVE-2014-9736
GE Healthcare Centricity Clinical Archive Audit Trail Repository has a default password of initinit for the (1) SSL key manager and (2) server keystore; (3) keystore_password for the server truststore; and atna for the (4) primary storage database and (5) archive storage database...
Gehealthcare Centricity Clinical Archive Audit Trail Repository
10
CVSSv2
CVE-2004-2777
GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet200...
Gehealthcare Centricity Image Vault Firmware
10
CVSSv2
CVE-2015-4335
Redis prior to 2.8.21 and 3.x prior to 3.0.2 allows remote malicious users to execute arbitrary Lua bytecode via the eval command.
Redislabs Redis 3.0.0
Redislabs Redis 3.0.1
Redislabs Redis
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »