VYPR
Vendor

Teradata

Products
8
CVEs
8
Across products
12
Status
Private

Products

8

Recent CVEs

8
  • CVE-2016-7489CriNov 10, 2016
    risk 0.64cvss 9.8epss 0.04

    Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution.

  • CVE-2016-7490HigNov 10, 2016
    risk 0.51cvss 7.8epss 0.01

    The installation script studioexpressinstall for Teradata Studio Express 15.12.00.00 creates files in /tmp insecurely. A malicious local user could create a symlink in /tmp and possibly clobber system files or perhaps elevate privileges.

  • CVE-2016-7488HigNov 10, 2016
    risk 0.51cvss 7.8epss 0.01

    Teradata Virtual Machine Community Edition v15.10 has insecure file permissions on /etc/luminex/pkgmgr. These could allow a local user to modify its contents and execute commands as root.

  • CVE-2015-5401HigMay 23, 2017
    risk 0.49cvss 7.5epss 0.02

    Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database crash) via a malformed CONFIG REQUEST message.

  • CVE-2024-52870HigJan 17, 2025
    risk 0.46cvss 7.1epss 0.00

    Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality (including Chromium Developer Tools) that can result in a client user accessing arbitrary remote websites.

  • CVE-2025-70956HigFeb 13, 2026
    risk 0.42cvss 7.5epss 0.00

    A State Pollution vulnerability was discovered in the TON Virtual Machine (TVM) before v2025.04. The issue exists in the RUNVM instruction logic (VmState::run_child_vm), which is responsible for initializing child virtual machines. The operation moves critical resources…

  • CVE-2025-70954HigFeb 13, 2026
    risk 0.42cvss 7.5epss 0.01

    A Null Pointer Dereference vulnerability exists in the TON Virtual Machine (TVM) within the TON Blockchain before v2025.06. The issue is located in the execution logic of the INMSGPARAM instruction, where the program fails to validate if a specific pointer is null before…

  • CVE-2024-52869MedJan 8, 2025
    risk 0.39cvss 6.0epss 0.00

    Certain Teradata account-handling code through 2024-11-04, used with SUSE Enterprise Linux Server, mismanages groups. Specifically, when there is an operating system move from SUSE Enterprise Linux Server (SLES) 12 Service Pack (SP) 2 or 3 to SLES 15 SP2 on Teradata Database…