Vulnerabilities > IBM > Informix Dynamic Server > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-09 CVE-2023-28523 Out-of-bounds Write vulnerability in IBM products
IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code.
local
low complexity
ibm CWE-787
7.8
2020-10-08 CVE-2020-4799 Out-of-bounds Write vulnerability in IBM Informix Dynamic Server 14.10
IBM Informix spatial 14.10 could allow a local user to execute commands as a privileged user due to an out of bounds write vulnerability.
local
low complexity
ibm CWE-787
7.8
2019-08-20 CVE-2019-4253 Unspecified vulnerability in IBM Informix Dynamic Server 12.10
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local privileged Informix user to load a malicious shared library and gain root access privileges.
local
low complexity
ibm
7.8
2019-08-20 CVE-2018-1796 Unspecified vulnerability in IBM Informix Dynamic Server 12.10
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user to load malicious libraries and gain root privileges.
local
low complexity
ibm
7.8
2016-03-28 CVE-2016-0226 Improper Access Control vulnerability in IBM Informix Dynamic Server 11.70.Xcn
The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the (1) nsrd, (2) nsrexecd, and (3) portmap executable files, which allows local users to gain privileges via a Trojan horse file.
local
low complexity
ibm CWE-284
7.8