Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jdbc vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2009-1906
The DRDA Services component in IBM DB2 9.1 before FP7 and 9.5 before FP4 allows remote malicious users to cause a denial of service (memory corruption and application crash) via an IPv6 address in the correlation token in the APPID string, as demonstrated by an APPID string sent ...
Ibm Db2 9.1
Ibm Db2 9.5
NA
CVE-2023-34468
The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 up to and including 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution. The resolution validates the Databas...
Apache Nifi
1 Github repository
NA
CVE-2023-27867
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated malicious user to execute arbitrary code via JNDI Injection. By sending a specially crafted request using the property clientRerouteServerListJNDIName, an attacker coul...
Ibm Db2 10.5.0.11
Ibm Db2 11.1.4.7
Ibm Db2 11.5
890
VMScore
CVE-2007-2582
Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and previous versions allow remote malicious users to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG p...
Ibm Db2
NA
CVE-2023-27869
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated malicious user to execute arbitrary code on the system, caused by an unchecked logger injection. By sending a specially crafted request using the named traceFile proper...
Ibm Db2 10.5.0.11
Ibm Db2 11.1.4.7
Ibm Db2 11.5
NA
CVE-2022-40955
In versions of Apache InLong before 1.3.0, an attacker with sufficient privileges to specify MySQL JDBC connection URL parameters and to write arbitrary data to the MySQL database, could cause this data to be deserialized by Apache InLong, potentially leading to Remote Code Execu...
Apache Inlong
NA
CVE-2024-23689
Exposure of sensitive information in exceptions in ClichHouse's clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc, and com.clickhouse:clickhouse-client versions less than 0.4.6 allows unauthorized users to gain access to client certificate passwords via client exception logs....
Clickhouse Java Libraries
NA
CVE-2023-27868
IBM Db2 JDBC Driver for Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 could allow a remote authenticated malicious user to execute arbitrary code on the system, caused by an unchecked class instantiation when providing plugin classes. By sending a specially crafted request...
Ibm Db2 10.5.0.11
Ibm Db2 11.1.4.7
Ibm Db2 11.5
NA
CVE-2023-40037
Apache NiFi 1.21.0 up to and including 1.23.0 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against crafted inputs. An authenticated and authorized user can bypass connecti...
Apache Nifi
3 Github repositories
578
VMScore
CVE-2022-24861
Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has remote code execution vulnerability. JDBC drivers are not validated prior to use and may be provided by users of the system. This can lead to code execution by any basic user w...
Databasir Databasir 1.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »