Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database security vulnerabilities and exploits
(subscribe to this query)
1.9
CVSSv3
CVE-2017-10120
Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with logon to the infrastructure ...
Oracle Database Server 12.1.0.2
10
CVSSv3
CVE-2020-1953
Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Apache Commons Configuration versions 2.2, 2.3, 2.4, 2.5, 2.6 did not change the default settings of this libr...
Apache Commons Configuration 2.3
Apache Commons Configuration 2.4
Apache Commons Configuration 2.5
Apache Commons Configuration 2.6
Apache Commons Configuration 2.2
Oracle Database Server 12.1.0.2
Oracle Database Server 11.2.0.4
Oracle Database Server 12.2.0.1
Oracle Database Server 18c
Oracle Database Server 19c
Oracle Healthcare Foundation 7.2.0
Oracle Healthcare Foundation 7.2.1
Oracle Healthcare Foundation 7.3.0
Oracle Healthcare Foundation 7.1.1
NA
CVE-2006-6932
Multiple SQL injection vulnerabilities in Image Gallery with Access Database allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to (a) dispimage.asp, or the (2) order or (3) page parameter to (b) default.asp.
Image Gallery With Access Database Image Gallery With Access Database
2 EDB exploits
7.8
CVSSv3
CVE-2016-6065
IBM Security Guardium Database Activity Monitor appliance could allow a local user to inject commands that would be executed as root.
Ibm Security Guardium 10.1.2
Ibm Security Guardium 10.0
Ibm Security Guardium 10.0.1
Ibm Security Guardium 10.1
Ibm Security Guardium 9.1
Ibm Security Guardium 8.2
Ibm Security Guardium 9.0
Ibm Security Guardium 9.5
NA
CVE-2015-4755
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows remote malicious users to affect confidentiality via unknown vectors.
Oracle Database Server 12.1.0.2
7.5
CVSSv3
CVE-2016-2381
Perl might allow context-dependent malicious users to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
Perl Perl
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Oracle Communications Billing And Revenue Management 7.5
Oracle Configuration Manager
Oracle Configuration Manager 12.1.2.0.6
Oracle Database Server 11.2.0.4
Oracle Database Server 12.1.0.2
Oracle Database Server 12.2.0.1
Oracle Database Server 18c
Oracle Database Server 19c
Oracle Enterprise Manager Base Platform 13.2.0.0.0
Oracle Enterprise Manager Base Platform 13.3.0.0.0
Oracle Timesten In-memory Database
Oracle Solaris 11.3
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.10
NA
CVE-2015-4160
SQL injection vulnerability in SAP ASE Database Platform allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes: 2152278.
Sap Ase Database Platform -
NA
CVE-2013-3989
IBM Security AppScan Enterprise 8.x prior to 8.8 sends a cleartext AppScan Source database password in a response, which allows remote authenticated users to obtain sensitive information, and subsequently conduct man-in-the-middle attacks, by examining the response content.
Ibm Security Appscan 8.0.0.0
Ibm Security Appscan 8.6.0.0
Ibm Security Appscan 8.6.0.1
Ibm Security Appscan 8.0.1.0
Ibm Security Appscan 8.0.1.1
Ibm Security Appscan 8.0.11
Ibm Security Appscan 8.7.0.1
Ibm Security Appscan 8.0.0.1
Ibm Security Appscan 8.0.0.2
Ibm Security Appscan 8.6.0.2
Ibm Security Appscan 8.7.0.0
Ibm Security Appscan 8.5.0.0
Ibm Security Appscan 8.5.0.1
8.6
CVSSv3
CVE-2016-0249
SQL injection vulnerability in IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x up to and including 9.5 before p700, and 10.x up to and including 10.1 before p100 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Ibm Security Guardium 10.1.0
Ibm Security Guardium 10.0.1
Ibm Security Guardium 9.0
Ibm Security Guardium 9.1
Ibm Security Guardium 9.5
Ibm Security Guardium 10.0
Ibm Security Guardium
5.5
CVSSv3
CVE-2017-1595
IBM Security Guardium 10.0 Database Activity Monitor could allow a local malicious user to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132549.
Ibm Security Guardium 10.1.0
Ibm Security Guardium 10.1.3
Ibm Security Guardium 10.0
Ibm Security Guardium 10.0.1
Ibm Security Guardium 10.1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »