ROS-20251117-03

Vulnerability of the xdrtrrqmessage function of the protocol.cpp module of the Red Database Management System is related to dereferencing of a null pointer. Data" is related to dereferencing of a null pointer. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a...

The vulnerability of the DdlNodes.epp module in the “Red Database” database management system allows a perpetrator to gain access and modify data.

The vulnerability of the DdlNodes.epp module in the “Red Database” database management system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access and modify data...

The vulnerability of the force_close() function in the inet.cpp module of the “Red Database” database management system allows a hacker to cause a service failure on the server.

The vulnerability of the forceclose function in the inet.cpp module of the “Red Database” database management system is related to incorrect serialization checks. Exploiting this vulnerability could allow an attacker to cause service failures...

The vulnerability of the readConfig() function in the TraceConfiguration.cpp module of the “Red Database” database management system allows a hacker to cause a service failure.

The vulnerability of the readConfig function in the TraceConfiguration.cpp module of the “Red Database” database management system is related to the incorrect processing of the timeformat parameter. Exploiting this vulnerability can allow an attacker to cause a service failure...

A vulnerability exists in the CCH_release function of the cch.cpp module of the “Red Database” database management system, which allows a hacker to cause a service failure in the server.

The vulnerability in the CCHrelease function of the cch.cpp module of the “Red Database” database management system is related to the release of page cache. Exploiting this vulnerability could allow a malicious actor to cause a service failure in the server...

The vulnerability of the dsqlPass() function in the RecordSourceNodes.cpp module of the “Red Database” database management system allows a hacker to cause a service failure.

The vulnerability of the dsqlPass function in the RecordSourceNodes.cpp module of the “Red Database” database management system is related to incorrect implementation of requirements. Exploiting this vulnerability could allow an attacker to cause service interruptions...

The vulnerability of the CtrlCHandler() function in the why.cpp module of the “Red Database” database management system allows a hacker to cause a service failure.

The vulnerability of the CtrlCHandler function in the why.cpp module of the “Red Database” database management system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the gbak() function in the burp.cpp module of the “Red Database” database management system allows a hacker to cause a service failure.

The vulnerability of the gbak function in the burp.cpp module of the “Red Database” database management system is related to incorrect validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the ERR_bugcheck_msg() function in the err.cpp module of the “Red Database” database management system allows attackers to conceal the source of attacks.

The vulnerability of the ERRbugcheckmsg function in the err.cpp module of the “Red Database” database management system is related to the occurrence of a critical error that prevented writes to the log before the server crashed. Exploiting this vulnerability could allow an attacker to remotely hi...

PT-2025-31631 · 'Ред Софт' · Ред База Данных

Уязвимость функции dsqlPass модуля RecordSourceNodes.cpp системы управления базами данных «Ред База Данных» связана неправильной реализацией требований. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании...

The vulnerability in the `TracePluginImpl::writePacket` method of the `TracePluginImpl.cpp` module of the “Red Database” database management system allows a hacker to perform operations without being recorded in the audit log.

The vulnerability of the TracePluginImpl::writePacket method in the TracePluginImpl.cpp module of the “Red Database” database management system is related to the use of binary auditing when the cancelonerror parameter is enabled. Exploiting this vulnerability allows a remote attacker to even canc...

The vulnerability of the PhysHdr class constructor in the CryptoManager.cpp module of the database management system “Red Database” allows a hacker to trigger a database access error.

The vulnerability of the PhysHdr class constructor in the CryptoManager.cpp module of the database management system “Red Database” is related to the fact that in some cases, when switching the database to incremental backup mode, the connection to this database would fail. Exploiting this...

The vulnerability of the main function in the guard.cpp module of the “Red Database” database management system allows a hacker to influence the operation of the rdbguard utility.

The vulnerability of the main function in the guard.cpp module of the “Red Database” database management system is related to the handling of the -t parameter. Exploiting this vulnerability can allow a malicious actor to cause a failure in the operation of the rdbguard utility...

The vulnerability of the evlReadFile function in the SysFunction.cpp module of the “Red Database” database management system allows a hacker to gain access to read files with tabular data structures.

The vulnerability of the evlReadFile function in the SysFunction.cpp module of the “Red Database” database management system is related to the mechanism for accessing file blocks, which is configured in the directories.conf configuration file. Exploiting this vulnerability allows a remote attacke...

The vulnerability of the main function (mint.cpp) in the database management system “Red Database”, which allows a perpetrator to cause errors in the operation of the mint utility.

The vulnerability of the main function mint.cpp in the “Red Database” database management system is related to the incorrect processing of parameter I in the mint utility. Exploiting this vulnerability allows a remote attacker to send an excessively long string to the utility, causing the mint...

The vulnerability of the CCHFlush function in the cch.cpp module of the “Red Database” database management system allows a hacker to cause a service failure.

The vulnerability of the CCHFlush function in the cch.cpp module of the “Red Database” database management system is related to the improper allocation of free memory for the database cache configuration parameter DefaultDbCachePages. Exploiting this vulnerability could allow an attacker to cause...

The vulnerability of the accept_connection function (in the server.cpp module) of the “Red Database” database management system allows a attacker to cause a service failure in the server.

The vulnerability of the acceptconnection function in the server.cpp module of the “Red Database” database management system lies in the fact that during user authentication, memory may be corrupted, and this data is then rewritten by another thread. Exploiting this vulnerability could allow an...

The vulnerability of the hashgen_main function (in the hashgen.cpp module) of the “Red Database” database management system allows a hacker to cause errors in the operation of the hashgen utility.

The vulnerability of the hashgenmain function in the hashgen.cpp module of the “Red Database” database management system is related to incorrect processing of input parameters from the hashgen utility. Exploiting this vulnerability can allow an attacker, operating remotely, to cause the hashgen...

The vulnerability of the audit plugin (of the TracePluginImpl class in the TracePluginImpl module) of the “Red Database” database management system allows a perpetrator to influence audit records.

The vulnerability of the audit plugin of the TracePluginImpl class within the TracePluginImpl module of the “Red Database” database management system relates to the possibility of assigning incorrect severity and facility parameters to certain events when these events are recorded in the OS syslo...

The vulnerability of the TrigVector::release function (module jrd.cpp) in the database management system “Red Database” allows a attacker to cause a service failure on the server.

The vulnerability of the TrigVector::release function module jrd.cpp in the “Red Database” database management system is related to the fact that when a trigger is executed, which also modifies another object in another context, there is a possibility of a crash due to the use of a previously fre...