VYPR

Informix Dynamic Server

by IBM

CVEs (55)

  • CVE-2016-0226HigMar 28, 2016
    risk 0.51cvss 7.8epss 0.00

    The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the (1) nsrd, (2) nsrexecd, and (3) portmap executable files, which allows local users to gain privileges via a Trojan horse file.

  • CVE-2017-1508MedSep 13, 2017
    risk 0.44cvss 6.7epss 0.00

    IBM Informix Dynamic Server 12.1 could allow a local user logged in with database administrator user to gain root privileges. IBM X-Force ID: 129620.

  • CVE-2017-1310MedJun 29, 2017
    risk 0.42cvss 6.5epss 0.02

    IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. Done enough times, this could use large parts of the file system and cause the server to crash. IBM X-Force ID: 125569.

  • CVE-2009-2754Mar 5, 2010
    risk 0.06cvss epss 0.40

    Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows…

  • CVE-2009-2753Mar 5, 2010
    risk 0.04cvss epss 0.11

    Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute…

  • CVE-2004-2131Jan 27, 2004
    risk 0.03cvss epss 0.01

    Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable.

  • CVE-2024-45675Dec 2, 2025
    risk 0.00cvss epss 0.00

    IBM Informix Dynamic Server 14.10 could allow a local user on the system to log into the Informix server as administrator without a password.

  • CVE-2024-49343Jul 28, 2025
    risk 0.00cvss epss 0.00

    IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.

  • CVE-2024-49342Jul 28, 2025
    risk 0.00cvss epss 0.00

    IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.

  • CVE-2025-1991Jun 28, 2025
    risk 0.00cvss epss 0.00

    IBM Informix Dynamic Server 12.10,14.10, and15.0 could allow a remote attacker to cause a denial of service due to an integer underflow when processing packets.

  • CVE-2023-28523Dec 9, 2023
    risk 0.00cvss epss 0.00

    IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 250753.

  • CVE-2023-28526Dec 9, 2023
    risk 0.00cvss epss 0.00

    IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251204.

  • CVE-2023-28527Dec 9, 2023
    risk 0.00cvss epss 0.00

    IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251206.

  • CVE-2021-20515Apr 30, 2021
    risk 0.00cvss epss 0.00

    IBM Informix Dynamic Server 14.10 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local privileged user could overflow a buffer and execute arbitrary code on the system or cause a denial of service condition. IBM X-Force ID: 198366.

  • CVE-2020-4799Oct 8, 2020
    risk 0.00cvss epss 0.00

    IBM Informix spatial 14.10 could allow a local user to execute commands as a privileged user due to an out of bounds write vulnerability. IBM X-Force ID: 189460.

  • CVE-2019-4253Aug 20, 2019
    risk 0.00cvss epss 0.00

    IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local privileged Informix user to load a malicious shared library and gain root access privileges. IBM X-Force ID: 159941.

  • CVE-2018-1796Aug 20, 2019
    risk 0.00cvss epss 0.00

    IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user to load malicious libraries and gain root privileges. IBM X-Force ID: 149426.

  • CVE-2018-1636Aug 20, 2019
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. IBM X-Force ID: 144441.

  • CVE-2018-1635Aug 20, 2019
    risk 0.00cvss epss 0.00

    Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. IBM X-Force ID: 144439.

  • CVE-2018-1634Aug 20, 2019
    risk 0.00cvss epss 0.00

    IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in infos.DBSERVERNAME. IBM X-Force ID: 144437.

Page 1 of 3