ReportizFlow
Filtered by vendor Firebirdsql
Subscriptions
Filtered by product Firebird
Subscriptions
Total
34 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-6369 | 1 Firebirdsql | 1 Firebird | 2025-04-20 | N/A |
| Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so. | ||||
| CVE-2016-1569 | 1 Firebirdsql | 1 Firebird | 2025-04-12 | N/A |
| FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter. | ||||
| CVE-2014-9323 | 4 Canonical, Debian, Firebirdsql and 1 more | 4 Ubuntu Linux, Debian Linux, Firebird and 1 more | 2025-04-12 | N/A |
| The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status. | ||||
| CVE-2013-2492 | 2 Firebirdsql, Microsoft | 2 Firebird, Windows | 2025-04-11 | N/A |
| Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information. | ||||
| CVE-2012-5529 | 1 Firebirdsql | 1 Firebird | 2025-04-11 | N/A |
| TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL query. | ||||
| CVE-2007-4992 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote attackers to execute arbitrary code via a long request to TCP port 3050. | ||||
| CVE-2006-7214 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Firebird 1.5 allow remote attackers to (1) cause a denial of service (application crash) by sending many remote protocol versions; and (2) cause a denial of service (connection drop) via certain network traffic, as demonstrated by Nessus vulnerability scanning. | ||||
| CVE-2006-7211 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local users to cause a denial of service (blocked query processing) by locking semaphores. | ||||
| CVE-2006-7212 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| Multiple buffer overflows in Firebird 1.5, one of which affects WNET, have unknown impact and attack vectors. NOTE: this issue might overlap CVE-2006-1240. | ||||
| CVE-2006-7213 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| Firebird 1.5 allows remote authenticated users without SYSDBA and owner permissions to overwrite a database by creating a database. | ||||
| CVE-2007-5246 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in Firebird LI 2.0.0.12748 and 2.0.1.12855, and WI 2.0.0.12748 and 2.0.1.12855, allow remote attackers to execute arbitrary code via (1) a long attach request on TCP port 3050 to the isc_attach_database function or (2) a long create request on TCP port 3050 to the isc_create_database function. | ||||
| CVE-2009-2620 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference. | ||||
| CVE-2007-3181 | 2 Bakbone, Firebirdsql | 2 Netvault, Firebird | 2025-04-09 | N/A |
| Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll." | ||||
| CVE-2008-0467 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username. | ||||
| CVE-2007-2606 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| Multiple buffer overflows in Firebird 2.1 allow attackers to trigger memory corruption and possibly have other unspecified impact via certain input processed by (1) config\ConfigFile.cpp or (2) msgs\check_msgs.epp. NOTE: if ConfigFile.cpp reads a configuration file with restrictive permissions, then the ConfigFile.cpp vector may not cross privilege boundaries and perhaps should not be included in CVE. | ||||
| CVE-2007-4665 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to cause a denial of service (daemon crash) via an XNET session that makes multiple simultaneous requests to register events, aka CORE-1403. | ||||
| CVE-2007-4666 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| Unspecified vulnerability in the server in Firebird before 2.0.2, when a Superserver/TCP/IP environment is configured, allows remote attackers to cause a denial of service (CPU and memory consumption) via "large network packets with garbage", aka CORE-1397. | ||||
| CVE-2007-4667 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| Unspecified vulnerability in the Services API in Firebird before 2.0.2 allows remote attackers to cause a denial of service, aka CORE-1149. | ||||
| CVE-2007-4668 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to determine the existence of arbitrary files, and possibly obtain other "file access," via unknown vectors, aka CORE-1312. | ||||
| CVE-2007-4669 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | N/A |
| The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log (firebird.log), aka CORE-1148. | ||||