Vulnerabilities > Firebirdsql > Firebird > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-28 | CVE-2017-11509 | SQL Injection vulnerability in multiple products An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. | 8.8 |
| 2017-03-24 | CVE-2017-6369 | Missing Authorization vulnerability in Firebirdsql Firebird Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so. | 8.8 |