Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database security vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-1596
IBM Security Guardium 10.0 Database Activity Monitor could allow a local malicious user to obtain highly sensitive information via unspecified vectors. IBM X-Force ID: 132550.
Ibm Security Guardium 10.0.1
Ibm Security Guardium 10.1.2
Ibm Security Guardium 10.1.3
Ibm Security Guardium 10.0
Ibm Security Guardium 10.1.0
7.5
CVSSv3
CVE-2017-1598
IBM Security Guardium 10.0 Database Activity Monitor uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 132611.
Ibm Security Guardium 10.0
Ibm Security Guardium 10.1.0
Ibm Security Guardium 10.1.2
Ibm Security Guardium 10.1.3
Ibm Security Guardium 10.0.1
8.8
CVSSv3
CVE-2017-1757
IBM Security Guardium 10.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 135858.
Ibm Security Guardium 10.0
Ibm Security Guardium 10.0.1
Ibm Security Guardium 10.1.0
Ibm Security Guardium 10.1.2
Ibm Security Guardium 10.1.3
5.4
CVSSv3
CVE-2017-1600
IBM Security Guardium 10.0 Database Activity Monitor is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ses...
Ibm Security Guardium 10.0
Ibm Security Guardium 10.1.0
Ibm Security Guardium 10.1.2
Ibm Security Guardium 10.1.3
Ibm Security Guardium 10.0.1
9.8
CVSSv3
CVE-2017-1269
IBM Security Guardium 10.0 and 10.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-force ID: 124744
Ibm Security Guardium 10.1
Ibm Security Guardium 10.1.2
Ibm Security Guardium 10.0
Ibm Security Guardium 10.0.1
NA
CVE-2014-0936
IBM Security AppScan Source 8.0 up to and including 9.0, when the publish-assessment permission is not properly restricted for the configured database server, transmits cleartext assessment data, which allows remote malicious users to obtain sensitive information by sniffing the ...
Ibm Security Appscan Source 8.7
Ibm Security Appscan Source 8.8
Ibm Security Appscan Source 9.0
Ibm Security Appscan Source 8.6
Ibm Security Appscan Source 8.0
Ibm Security Appscan Source 8.5
NA
CVE-2012-2173
The ODBC driver in IBM Security AppScan Source 7.x and 8.x prior to 8.6 sends an SHA-1 hash of the connection password during connections to a solidDB database, which allows remote malicious users to obtain sensitive information by sniffing the network.
Ibm Security Appscan Source 8.0.0.1
Ibm Security Appscan Source 8.0.0.2
Ibm Security Appscan Source 8.5
Ibm Security Appscan Source 8.5.0.1
Ibm Security Appscan Source 7.0
Ibm Security Appscan Source 8.0
9.8
CVSSv3
CVE-2017-1670
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 133637.
Ibm Security Key Lifecycle Manager 2.5.0.3
Ibm Security Key Lifecycle Manager 2.5.0.4
Ibm Security Key Lifecycle Manager 2.5.0.5
Ibm Security Key Lifecycle Manager 2.5.0.6
Ibm Security Key Lifecycle Manager 2.5.0.7
Ibm Security Key Lifecycle Manager 2.5.0.1
Ibm Security Key Lifecycle Manager 2.5.0.8
Ibm Security Key Lifecycle Manager 2.6.0.1
Ibm Security Key Lifecycle Manager 2.6.0.3
Ibm Security Key Lifecycle Manager 2.7.0
Ibm Security Key Lifecycle Manager 2.7.0.1
Ibm Security Key Lifecycle Manager 2.7.0.2
Ibm Security Key Lifecycle Manager 2.5.0
Ibm Security Key Lifecycle Manager 2.5.0.2
Ibm Security Key Lifecycle Manager 2.6.0
Ibm Security Key Lifecycle Manager 2.6.0.2
NA
CVE-2001-0717
Format string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote malicious users to execute arbitrary commands via format string specifiers that are passed to the syslog function.
Tooltalk Tooltalk Database Server
6.5
CVSSv3
CVE-2022-22463
IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database...
Ibm Security Verify Access 10.0.1.0
Ibm Security Verify Access 10.0.2.0
Ibm Security Verify Access 10.0.0.0
Ibm Security Verify Access 10.0.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »