Ibm Informix Dynamic Server — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Informix Dynamic Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2008-0768 — CVSS 10.0 (critical): Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in…
CVE-2008-0949 — CVSS 10.0 (critical): Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 7.x through 11.x allows remote attackers to gain privileges via a malformed…
CVE-2009-2753 — CVSS 10.0 (critical): Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka…
CVE-2009-2754 — CVSS 10.0 (critical): Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka…
CVE-2010-4070 — CVSS 10.0 (critical): Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server…
CVE-2011-1033 — CVSS 9.3 (critical): Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote attackers to execute arbitrary code via…
CVE-2012-3334 — CVSS 9.0 (critical): Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 before 11.50.xC9W2 and 11.70 before 11.70.xC5 allows remote…
CVE-2012-4857 — CVSS 9.0 (critical): Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 before 11.70.xC7 allows remote authenticated users to execute arbitrary…
CVE-2010-4053 — CVSS 9.0 (critical): Stack-based buffer overflow in an unspecified logging function in oninit.exe in IBM Informix Dynamic Server (IDS) 11.10 before 11.10.xC2W2…
CVE-2010-4069 — CVSS 8.5 (high): Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x through 7.31, 9.x through 9.40, 10.00 before 10.00.xC10, 11.10 before…
CVE-2008-0727 — CVSS 8.5 (high): Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow (1) remote attackers to execute…
CVE-2023-28523 — CVSS 8.4 (high): IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which…
CVE-2024-45675 — CVSS 8.4 (high): IBM Informix Dynamic Server 14.10 could allow a local user on the system to log into the Informix server as administrator without a…
CVE-2016-0226 — CVSS 7.8 (high): The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the (1) nsrd, (2)…
CVE-2019-4253 — CVSS 7.8 (high): IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local privileged Informix user to load a malicious shared library and…
CVE-2020-4799 — CVSS 7.8 (high): IBM Informix spatial 14.10 could allow a local user to execute commands as a privileged user due to an out of bounds write vulnerability…
CVE-2018-1796 — CVSS 7.8 (high): IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user to load malicious libraries and gain root privileges. IBM…
CVE-2025-1991 — CVSS 7.5 (high): IBM Informix Dynamic Server 12.10,14.10, and15.0 could allow a remote attacker to cause a denial of service due to an integer underflow…
CVE-2006-3862 — CVSS 7.5 (high): Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute…
CVE-2024-49342 — CVSS 7.5 (high): IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate account lockout setting that could allow a remote attacker to brute force…
CVE-2007-5956 — CVSS 7.2 (high): Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by…
CVE-2008-0368 — CVSS 7.2 (high): onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument.
CVE-2004-2131 — CVSS 7.2 (high): Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges…
CVE-2008-0369 — CVSS 6.9 (medium): Multiple unspecified programs in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allow local users to create arbitrary files by…
CVE-2018-1631 — CVSS 6.7 (medium): IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root…
CVE-2018-1632 — CVSS 6.7 (medium): IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root…
CVE-2018-1635 — CVSS 6.7 (medium): Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute…
CVE-2018-1634 — CVSS 6.7 (medium): IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root…
CVE-2018-1633 — CVSS 6.7 (medium): IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root…
CVE-2021-20515 — CVSS 6.7 (medium): IBM Informix Dynamic Server 14.10 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local privileged…
CVE-2018-1636 — CVSS 6.7 (medium): Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute…
CVE-2017-1508 — CVSS 6.7 (medium): IBM Informix Dynamic Server 12.1 could allow a local user logged in with database administrator user to gain root privileges. IBM X-Force…
CVE-2018-1630 — CVSS 6.7 (medium): IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root…
CVE-2006-3855 — CVSS 6.5 (medium): The ifx_load_internal function in IBM Informix Dynamic Server (IDS) allows remote authenticated users to execute arbitrary C code via the…
CVE-2017-1310 — CVSS 6.5 (medium): IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files…
CVE-2023-28526 — CVSS 6.2 (medium): IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow, caused by improper bounds checking which…
CVE-2023-28527 — CVSS 6.2 (medium): IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could…
CVE-2024-49343 — CVSS 5.4 (medium): IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when…
CVE-2006-3853 — CVSS 5.1 (medium): Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 and 10.00 before 10.00.TC3, when running on Windows, allows remote…
CVE-2009-3470 — CVSS 5.0 (medium): IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10 before 11.10.xC4, and 11.50 before 11.50.xC5 allows remote attackers to…
CVE-2007-5957 — CVSS 4.9 (medium): Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of…
CVE-2004-2490 — CVSS 4.6 (medium): Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.xC1 and 9.40.xC2 allows local users to execute arbitrary code via a long GL_PATH…
CVE-2004-2489 — CVSS 4.6 (medium): Format string vulnerability in IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to execute arbitrary code via a…
CVE-2006-5663 — CVSS 4.6 (medium): IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure…
CVE-2006-5664 — CVSS 4.6 (medium): The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect…
CVE-2006-3861 — CVSS 4.0 (medium): IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows…
CVE-2004-2319 — CVSS 3.6 (low): IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or…
CVE-2006-5163 — CVSS 3.6 (low): IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly other versions creates /tmp/installserver.txt with insecure permissions…
CVE-2006-3856 — CVSS 2.1 (low): IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to cause a denial of service (crash) via…
CVE-2006-3858 — CVSS 2.1 (low): IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before 10.00.xC4 stores passwords in plaintext in shared memory, which allows…