Vulnerabilities > IBM > Informix Dynamic Server > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-09 | CVE-2023-28523 | Out-of-bounds Write vulnerability in IBM products IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. | 7.8 |
| 2019-08-20 | CVE-2019-4253 | Unspecified vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local privileged Informix user to load a malicious shared library and gain root access privileges. | 7.8 |
| 2019-08-20 | CVE-2018-1796 | Unspecified vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user to load malicious libraries and gain root privileges. | 7.8 |
| 2010-10-25 | CVE-2010-4069 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Informix Dynamic Server Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x through 7.31, 9.x through 9.40, 10.00 before 10.00.xC10, 11.10 before 11.10.xC3, and 11.50 before 11.50.xC3 allows remote authenticated users to execute arbitrary code via long DBINFO keyword arguments in a SQL statement, aka idsdb00165017, idsdb00165019, idsdb00165021, idsdb00165022, and idsdb00165023. | 8.5 |
| 2008-03-18 | CVE-2008-0727 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Informix Dynamic Server Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow (1) remote attackers to execute arbitrary code via a long password and (2) remote authenticated users to execute arbitrary code via a long DBPATH value. | 8.5 |
| 2008-01-19 | CVE-2008-0368 | Local Privilege Escalation vulnerability in IBM Informix Dynamic Server 10.0 onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument. | 7.2 |
| 2007-11-14 | CVE-2007-5956 | Path Traversal vulnerability in IBM Informix Dynamic Server Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable. | 7.2 |
| 2006-08-08 | CVE-2006-3862 | Multiple vulnerability in IBM Informix Dynamic Server Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable). | 7.5 |
| 2004-01-27 | CVE-2004-2131 | Multiple vulnerability in IBM products Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable. | 7.2 |