Lucene search
K

130 matches found

Fedora
Fedora
added 2025/09/27 1:12 a.m.5 views

[SECURITY] Fedora 42 Update: firebird-4.0.6.3221-1.fc42

Firebird is a relational database offering many ANSI SQL standard features that runs on Linux, Windows, and a variety of Unix platforms. Firebird offers excellent concurrency, high performance, and powerful language support for stored procedures and triggers. It has been used in production system...

8.8CVSS7.4AI score0.0051EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2025/08/21 12:0 a.m.6 views

Firebird SQL Database Server XDR Message Parsing NULL Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Firebird SQL. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of XDR messages. The issue results from dereferencing a null...

7.5CVSS5.9AI score0.0051EPSS
Exploits0References1
NVD
NVD
added 2025/08/15 3:15 p.m.5 views

CVE-2025-54989

Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and Do...

7.5CVSS0.0051EPSS
Exploits0References4
OSV
OSV
added 2025/08/15 3:15 p.m.3 views

DEBIAN-CVE-2025-54989

Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and Do...

7.5CVSS6.1AI score0.0051EPSS
Exploits0References1
NVD
NVD
added 2025/08/15 3:15 p.m.6 views

CVE-2025-24975

Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...

8.8CVSS0.00474EPSS
Exploits1References5
OSV
OSV
added 2025/08/15 3:15 p.m.4 views

UBUNTU-CVE-2025-54989

Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and Do...

7.5CVSS5.7AI score0.0051EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/08/15 3:11 p.m.5 views

CVE-2025-24975

Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...

8.8CVSS5.3AI score0.00474EPSS
Exploits1
CVE
CVE
added 2025/08/15 3:4 p.m.49 views

CVE-2025-54989

Firebird before versions 3.0.13, 4.0.6, and 5.0.3 is vulnerable to a denial-of-service caused by a NULL pointer dereference during XDR message parsing from the client. The issue is specifically in the XDR message parsing path and leads to a crash/DoS. Remediation is to upgrade to the patched vers...

7.5CVSS6.3AI score0.0051EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/15 3:4 p.m.2 views

CVE-2025-54989 Firebird XDR Message Parsing NULL Pointer Dereference Denial-of-Service Vulnerability

Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and Do...

5.3CVSS6.8AI score0.0051EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/15 3:4 p.m.10 views

CVE-2025-54989 Firebird XDR Message Parsing NULL Pointer Dereference Denial-of-Service Vulnerability

Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and Do...

5.3CVSS0.0051EPSS
Exploits0References3
OSV
OSV
added 2025/08/15 3:4 p.m.4 views

CVE-2025-54989 Firebird XDR Message Parsing NULL Pointer Dereference Denial-of-Service Vulnerability

Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and Do...

5.3CVSS6.3AI score0.0051EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/08/15 12:0 a.m.5 views

Firebird 代码问题漏洞

Firebird is an open source cross-platform relational database management system from the Firebird Foundation that provides multiple ANSI SQL-92 capabilities. A code issue vulnerability exists in Firebird versions prior to 4.0.6.3183, prior to 5.0.2.1610, and prior to 6.0.0.609, which stems from a...

8.8CVSS6.9AI score0.00474EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/05/23 6:25 a.m.8 views

CVE-2024-50590

Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is writable for all users. ...

7.8CVSS7AI score0.00189EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:15 a.m.8 views

CVE-2023-41038

Firebird is a relational database. Versions 4.0.0 through 4.0.3 and version 5.0 beta1 are vulnerable to a server crash when a user uses a specific form of SET BIND statement. Any non-privileged user with minimum access to a server may type a statement with a long CHAR length, which causes the...

7.5CVSS6.8AI score0.00658EPSS
Exploits0
NVD
NVD
added 2024/11/08 12:15 p.m.23 views

CVE-2024-50590

Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is writable for all users. ...

7.8CVSS0.00189EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/08 11:45 a.m.20 views

CVE-2024-50590 Local Privilege Escalation via Weak Service Binary Permissions

Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is writable for all users. ...

0.00189EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/08 11:45 a.m.11 views

CVE-2024-50590 Local Privilege Escalation via Weak Service Binary Permissions

Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is writable for all users. ...

6.8AI score0.00189EPSS
Exploits0References2
NVD
NVD
added 2024/11/08 9:15 a.m.18 views

CVE-2024-50588

An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the database includes patient data and login credentials among other sensitive data. In addition, this enabl...

9.8CVSS0.00676EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/03/20 3:15 p.m.29 views

CVE-2023-41038

Firebird is a relational database. Versions 4.0.0 through 4.0.3 and version 5.0 beta1 are vulnerable to a server crash when a user uses a specific form of SET BIND statement. Any non-privileged user with minimum access to a server may type a statement with a long CHAR length, which causes the...

7.5CVSS5.9AI score0.00658EPSS
Exploits0References3
OSV
OSV
added 2024/03/20 3:15 p.m.4 views

UBUNTU-CVE-2023-41038

Firebird is a relational database. Versions 4.0.0 through 4.0.3 and version 5.0 beta1 are vulnerable to a server crash when a user uses a specific form of SET BIND statement. Any non-privileged user with minimum access to a server may type a statement with a long CHAR length, which causes the...

7.5CVSS5.8AI score0.00658EPSS
Exploits0References4
Rows per page
Query Builder