Search CVE reports


1 – 7 of 7 results


CVE-2023-41038

Medium priority
Needs evaluation

Firebird is a relational database. Versions 4.0.0 through 4.0.3 and version 5.0 beta1 are vulnerable to a server crash when a user uses a specific form of SET BIND statement. Any non-privileged user with minimum access to a server...

3 affected packages

firebird2.5, firebird3.0, relational

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firebird2.5 Not in release Not in release Not in release Needs evaluation
firebird3.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
relational Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2017-11509

Medium priority
Ignored

An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement.

2 affected packages

firebird2.5, firebird3.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firebird2.5 Not in release Ignored
firebird3.0 Ignored Not in release

CVE-2017-6369

Medium priority

Some fixes available 2 of 6

Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so.

2 affected packages

firebird2.5, firebird3.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firebird2.5 Not in release Not in release Not in release Fixed
firebird3.0 Not affected Not affected Not affected Not in release

CVE-2016-1569

Medium priority
Ignored

FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter.

1 affected package

firebird2.5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firebird2.5 Not in release Not affected

CVE-2014-9323

Medium priority

Some fixes available 1 of 6

The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a...

3 affected packages

firebird2.0, firebird2.1, firebird2.5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firebird2.0 Not in release Not in release
firebird2.1 Not in release Not in release
firebird2.5 Not in release Not affected

CVE-2013-2492

Medium priority
Ignored

Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to...

2 affected packages

firebird2.1, firebird2.5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firebird2.1 Not in release
firebird2.5 Not affected

CVE-2012-5529

Medium priority
Fixed

TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL query.

1 affected package

firebird2.5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firebird2.5