Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

322 matches found

securityvulns
securityvulnsadded 2008/02/06 12:0 a.m.29 views

IBM Informix Dynamic Server multiple security vulnerabilities

SQLIDEBUG and onedcu operators allow to access arbitrary files...

7.2CVSS4.2AI score0.00055EPSS
Exploits0References2Affected Software1
securityvulns
securityvulnsadded 2008/02/06 12:0 a.m.54 views

iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server SQLIDEBUG File Creation Vulnerability

iDefense Security Advisory 01.31.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 31, 2008 I. BACKGROUND IBM Corp.'s Informix Dynamic Server is an online transaction processing data server. For more information, visit the product's homepage at the following URL...

6.9CVSS0.4AI score0.00052EPSS
Exploits0
securityvulns
securityvulnsadded 2008/02/06 12:0 a.m.83 views

iDefense Security Advisory 01.31.08: IBM Informix Dynamic Server onedcu File Creation Vulnerability

iDefense Security Advisory 01.31.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 31, 2008 I. BACKGROUND IBM Corp.'s Informix Dynamic Server is an online transaction processing data server. For more information, visit the product's homepage at the following URL...

7.2CVSS0.5AI score0.00055EPSS
Exploits0
NVD
NVDadded 2008/01/19 12:0 a.m.14 views

CVE-2008-0369

Multiple unspecified programs in IBM Informix Dynamic Server IDS 10.x before 10.00.xC8 allow local users to create arbitrary files by specifying the target file in the SQLIDEBUG environment variable, whose ownership is changed to the user invoking the programs...

6.9CVSS6.3AI score0.00052EPSS
Exploits0References9
Prion
Prionadded 2008/01/19 12:0 a.m.15 views

Information disclosure

onedcu in IBM Informix Dynamic Server IDS 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument...

7.2CVSS6.6AI score0.00055EPSS
Exploits0References8Affected Software1
NVD
NVDadded 2008/01/19 12:0 a.m.12 views

CVE-2008-0368

onedcu in IBM Informix Dynamic Server IDS 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument...

7.2CVSS6.2AI score0.00055EPSS
Exploits0References8
CVE
CVEadded 2008/01/18 11:0 p.m.44 views

CVE-2008-0369

IBM Informix Dynamic Server (IDS) 10.x prior to 10.00.xC8 is affected by a local file-creation vulnerability involving the SQLIDEBUG environment variable. When set, several set-UID binaries log to the specified file and change the file’s ownership to the invoking user, enabling local privilege es...

6.9CVSS6.3AI score0.00052EPSS
Exploits0References9Affected Software1
Cvelist
Cvelistadded 2008/01/18 11:0 p.m.14 views

CVE-2008-0369

Multiple unspecified programs in IBM Informix Dynamic Server IDS 10.x before 10.00.xC8 allow local users to create arbitrary files by specifying the target file in the SQLIDEBUG environment variable, whose ownership is changed to the user invoking the programs...

6.3AI score0.00052EPSS
Exploits0References9
Cvelist
Cvelistadded 2008/01/18 11:0 p.m.22 views

CVE-2008-0368

onedcu in IBM Informix Dynamic Server IDS 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument...

6.2AI score0.00055EPSS
Exploits0References8
CVE
CVEadded 2008/01/18 11:0 p.m.47 views

CVE-2008-0368

CVE-2008-0368 affects IBM Informix Dynamic Server (IDS) 10.x prior to 10.00.xC8. The vulnerability arises in the set-uid onedcu tool, where the second parameter Trace file is opened for writing with elevated privileges, enabling local attackers to create arbitrary files and potentially gain root ...

7.2CVSS6.2AI score0.00055EPSS
Exploits0References8Affected Software1
NVD
NVDadded 2007/11/14 11:46 a.m.15 views

CVE-2007-5957

Unspecified vulnerability in IBM Informix Dynamic Server IDS 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service application crash via unspecified SQONASSIST requests...

4.9CVSS6.4AI score0.00059EPSS
Exploits0References7
Prion
Prionadded 2007/11/14 11:46 a.m.12 views

Directory traversal

Directory traversal vulnerability in IBM Informix Dynamic Server IDS before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable...

7.2CVSS6.5AI score0.00029EPSS
Exploits0References7Affected Software1
Prion
Prionadded 2007/11/14 11:46 a.m.12 views

Code injection

Unspecified vulnerability in IBM Informix Dynamic Server IDS 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service application crash via unspecified SQONASSIST requests...

4.9CVSS6.9AI score0.00059EPSS
Exploits0References7Affected Software1
CVE
CVEadded 2007/11/14 11:0 a.m.41 views

CVE-2007-5957

IBM Informix Dynamic Server (IDS) versions 10.00.TC3TL and 11.10.TB4TL on Windows are affected by CVE-2007-5957, with a denial of service (application crash) triggered by unspecified SQ_ONASSIST requests. The available description does not specify the exact root cause, vulnerable component, or co...

4.9CVSS6.4AI score0.00059EPSS
Exploits0References7Affected Software1
Cvelist
Cvelistadded 2007/11/14 11:0 a.m.17 views

CVE-2007-5957

Unspecified vulnerability in IBM Informix Dynamic Server IDS 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service application crash via unspecified SQONASSIST requests...

6.4AI score0.00059EPSS
Exploits0References7
Cvelist
Cvelistadded 2007/11/14 11:0 a.m.23 views

CVE-2007-5956

Directory traversal vulnerability in IBM Informix Dynamic Server IDS before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable...

6.3AI score0.00029EPSS
Exploits0References7
CVE
CVEadded 2007/11/14 11:0 a.m.46 views

CVE-2007-5956

CVE-2007-5956 concerns IBM Informix Dynamic Server (IDS) prior to 10.00.xC7W1. The vulnerability arises from directory traversal using modified NLS message files via the DBLANG environment variable, enabling local users to gain privileges. The description specifies a local-execution/privilege-esc...

7.2CVSS6.4AI score0.00029EPSS
Exploits0References7Affected Software1
securityvulns
securityvulnsadded 2007/11/12 12:0 a.m.38 views

iDefense Security Advisory 11.09.07: IBM Informix Dynamic Server DBLANG Directory Traversal Vulnerability

iDefense Security Advisory 11.09.07 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 09, 2007 I. BACKGROUND IBM Corp.'s Informix Dynamic Server is an online transaction processing data server. It contains several set-uid root binaries. For more information, visit the product homepage at...

0.7AI score
Exploits0
securityvulns
securityvulnsadded 2007/11/12 12:0 a.m.24 views

IBM Informix Dynamic Server privilege escalation

Directory traversal on DBLANG environment variable parsing allows to specify attacker-controlled NLS files, leading to possibility of format string attacks for suid applications...

5.4AI score
Exploits0References1Affected Software1
seebug.org
seebug.orgadded 2006/12/06 12:0 a.m.33 views

IBM Informix Dynamic Server存在多个漏洞

IBM Informix Dynamic Server是一款多线索数据库服务器。 IBM Informix Dynamic Server存在多个安全问题,远程攻击者可以利用漏洞获得敏感信息或者以进程权限执行任意代码。 具体问题包括: -LOTOFILE、DBINFO、FILETOCLOB、getname、ifxfiletofile函数缓冲区溢出。 -在sysmaster中通过dbimp和dbexp过程执行任意命令。 -windows版本上超长用户名缓冲区溢出。 -通过SET DEBUG FILE执行任意命令。 -SET DEBUG FILE缓冲区溢出 -通过C code UDR提权...

7.1AI score
Exploits0
Rows per page
Query Builder