IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow.
7AI Score
0.002EPSS
cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.
7.8CVSS
6.9AI Score
0.0004EPSS
uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier trusts the user-supplied -uv.install command line option to find and execute the uv.install program, which allows local users to gain privileges by providing a pathname that is under control of the user.
7.1AI Score
0.0004EPSS
Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument.
7.9AI Score
0.0004EPSS