Lucene search
K

130 matches found

OSV
OSV
added 2024/03/20 2:22 p.m.40 views

CVE-2023-41038 Server crash when using specific form of SET BIND statement

Firebird is a relational database. Versions 4.0.0 through 4.0.3 and version 5.0 beta1 are vulnerable to a server crash when a user uses a specific form of SET BIND statement. Any non-privileged user with minimum access to a server may type a statement with a long CHAR length, which causes the...

7.5CVSS7.3AI score0.00658EPSS
Exploits0References4
Debian
Debian
added 2021/11/20 10:47 a.m.26 views

[SECURITY] [DLA 2824-1] firebird3.0 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2824-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler November 20, 2021 https://wiki.debian.org/LTS -...

9CVSS8.9AI score0.06224EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2021/06/29 12:0 a.m.13 views

PT-2021-3510

Name of the Vulnerable Software and Affected Versions PHP versions 7.3.x through 7.3.28 PHP versions 7.4.x through 7.4.20 PHP versions 8.0.x through 8.0.7 Description The issue is related to insufficient input validation in the Firebird PDO driver extension. A malicious database server could caus...

9.8CVSS6.7AI score0.03437EPSS
Exploits4References155
Prion
Prion
added 2021/02/05 8:15 p.m.22 views

Design/Logic Flaw

An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be accessed directly as wel...

5.5CVSS8AI score0.01073EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/02/05 7:24 p.m.24 views

CVE-2020-10552

An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be accessed directly as wel...

8.1AI score0.01073EPSS
Exploits0References1
CVE
CVE
added 2021/02/05 7:24 p.m.45 views

CVE-2020-10552

Psyprax ≤3.2.1 has a credential-reuse vulnerability where the Firebird database is initialized with the default sysdba:masterke credentials, allowing any user to access and modify the database contents (including passwords) and to directly access local database files. This issue is documented acr...

8.1CVSS7.9AI score0.01073EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/10/24 12:0 a.m.6 views

The vulnerability of the UDF subsystem of the “Red Database” and Firebird database management systems allows attackers to execute arbitrary code.

The vulnerability of the UDF subsystem in the “Red Database” and Firebird database management systems is related to errors during the execution of user-defined functions. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

9CVSS6.1AI score0.03273EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.5 views

The vulnerability of the SQL command execution utility for the Firebird database, isql-fb, allows a hacker to cause a service failure.

The vulnerability of the SQL command execution utility for Firebird database, iSQL-FB, arises due to buffer overflows during the processing of command line parameters. Exploiting this vulnerability can allow an attacker to cause a service failure by entering a specially crafted sequence of data...

4CVSS6.1AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.3 views

The vulnerability of the gdef application, which is part of the Firebird database management system, allows a perpetrator to cause a service failure.

The vulnerability of the Mendex application, which is part of the Firebird database management system, is related to overflow errors in buffer handling when processing command lines. Exploiting this vulnerability allows an attacker to cause a service failure by entering special parameters into th...

5.1CVSS5.8AI score
Exploits0Affected Software1
CNVD
CNVD
added 2018/04/16 12:0 a.m.3 views

Firebird SQL Server Command Execution Vulnerability

Firebird SQL Server is the Firebird Foundation's set of open source cross-platform to provide multiple ANSI SQL-92 functionality of the SQL database management system . A security vulnerability exists in Firebird SQL Server versions 2.5.7 and 3.0.2. A remote attacker can exploit this vulnerabilit...

9CVSS8.3AI score0.06224EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2016/02/24 12:0 a.m.7 views

The vulnerability of the Firebird database management system allows a perpetrator to cause a service failure.

The vulnerability of the Firebird database management system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service failures by using the service dispatcher to execute the gbak utility with incorrect parameters...

4CVSS6.7AI score0.02304EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/10/29 12:0 a.m.8 views

The vulnerability of the Firebird database management system allows a perpetrator to cause a service failure.

The vulnerability of the TraceManager component in the Firebird database management system is related to resource management errors. Exploiting this vulnerability allows an attacker to cause service failures by generating empty dynamic SQL queries from a remote location...

3.5CVSS5.7AI score0.01835EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/10/29 12:0 a.m.7 views

The vulnerability of the Firebird database management system allows a perpetrator to cause a service failure.

The vulnerability of the xdrstatusvector function in the Firebird database management system is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

5CVSS5.4AI score0.02896EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/10/29 12:0 a.m.7 views

The vulnerability of the Firebird database management system allows a perpetrator to execute arbitrary code.

The vulnerability of the Firebird database management system arises due to buffer overflows in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted TCP packet sent to port 3050 with an incorrect checksum...

6.8CVSS6.3AI score0.42166EPSS
Exploits6References10Affected Software1
securityvulns
securityvulns
added 2014/12/23 12:0 a.m.152 views

[SECURITY] [DSA 3109-1] firebird2.5 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3109-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 21, 2014 http://www.debian.org/security/faq -...

5CVSS1.8AI score0.02896EPSS
Exploits1
Debian
Debian
added 2014/12/21 10:46 a.m.26 views

[SECURITY] [DSA 3109-1] firebird2.5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3109-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 21, 2014 http://www.debian.org/security/faq -...

5CVSS6.1AI score0.02896EPSS
Exploits1
OSV
OSV
added 2014/12/21 12:0 a.m.14 views

DSA-3109-1 firebird2.5 - security update

Bulletin has no description...

5CVSS6.3AI score0.02896EPSS
Exploits1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10446/info Firebird is reported prone to a remote buffer-overrun vulnerability. The issue occurs because the application fails to perform sufficient boundary checks when the database server is handling database names. A...

7.1AI score
Exploits0
OSV
OSV
added 2013/03/15 12:0 a.m.14 views

DSA-2648-1 firebird2.5 - several

Bulletin has no description...

6.8CVSS6.3AI score0.42166EPSS
Exploits6
OSV
OSV
added 2013/03/15 12:0 a.m.16 views

DSA-2647-1 firebird2.1 - buffer overflow

Bulletin has no description...

6.8CVSS6.3AI score0.42166EPSS
Exploits6
Rows per page
Query Builder