Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database server vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2017-12635
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB prior to 1.7.0 and 2.x prior to 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including ...
Apache Couchdb
Apache Couchdb 2.0.0
2 EDB exploits
6 Github repositories
1000
VMScore
CVE-2010-0071
Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors.
Oracle Database Server 11.1.0.7
Oracle Database Server 9.2.0.8
Oracle Database Server 9.2.0.8dv
Oracle Database Server 10.1.0.5
Oracle Database Server 10.2.0.4
1 EDB exploit
1000
VMScore
CVE-2009-1979
Unspecified vulnerability in the Network Authentication component in Oracle Database 10.1.0.5 and 10.2.0.4 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2009 C...
Oracle Database Server 10.1.0.5
Oracle Database Server 10.2.0.4
2 EDB exploits
1000
VMScore
CVE-2009-1669
The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third...
Smarty Smarty 2.6.22
1 EDB exploit
1000
VMScore
CVE-2008-5619
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer prior to 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote malicious users to execute arbitrary code via crafted input that is processed by the ...
Roundcube Webmail 0.2.1
Roundcube Webmail 0.2.3
2 EDB exploits
1000
VMScore
CVE-2008-0016
Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox prior to 2.0.0.17 and SeaMonkey prior to 1.1.12 allows remote malicious users to execute arbitrary code via a crafted UTF-8 URL in a link.
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9
Mozilla Firefox 1.0.3
Mozilla Firefox 1.0.2
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.7
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5.0.7
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.13
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.0.99
Mozilla Seamonkey
Mozilla Firefox 0.9 Rc
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.6
Mozilla Firefox 1.5.0.12
Mozilla Firefox 1.5.0.1
1 EDB exploit
1000
VMScore
CVE-2008-0339
Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB01.
Oracle Database Server 10.2.0.3
Oracle Database Server 9.2.0.8dv
Oracle Database Server 10.1.0.5
1 EDB exploit
1000
VMScore
CVE-2007-3336
Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (formerly Computer Associates) products, allow remote malicious users to execute arbitrary code by sending certain TCP data at different times to ...
Ingres Database Server 9.0.4
Ingres Database Server R3
Ingres Database Server 2.5
Ingres Database Server 2.6
1 EDB exploit
1000
VMScore
CVE-2007-3334
Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote m...
Ca Etrust Secure Content Manager 8.0
Ingres Database Server 3.0.3
1 EDB exploit
1000
VMScore
CVE-2006-3698
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB01 for Change Data Capture (CDC) component and (2) DB03 for Data Pump Metadata API. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable ...
Oracle Database Server 10.1.0.5
3 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »