Soliddb

soliddb

Vendor: Ibm • 13 CVEs

CVEs (13)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-3031 1Ibm 1Soliddb Apr 29, 2026 Sep 9, 2013 N/A· v4 N/A· v3 3.5 LOW· v2 A SQL stored procedure in the Universal Cache component in IBM solidDB 6.0.x before 6.0.1070, 6.3.x before 6.3.0.56, 6.5.x before 6.5.0.12, and 7.0.x before 7.0.0.4 allows remote authenticated users to cause a denial of...Show more A SQL stored procedure in the Universal Cache component in IBM solidDB 6.0.x before 6.0.1070, 6.3.x before 6.3.0.56, 6.5.x before 6.5.0.12, and 7.0.x before 7.0.0.4 allows remote authenticated users to cause a denial of service (uninitialized-memory access and daemon crash) via a call that includes named arguments and default parameter values, but does not include all of the expected arguments.Show less
CVE-2012-0200 1Ibm 1Soliddb Apr 29, 2026 Feb 21, 2012 N/A· v4 N/A· v3 4.0 MEDIUM· v2 The server in IBM solidDB 6.5 before Interim Fix 6 does not properly initialize data structures, which allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a redundant...Show more The server in IBM solidDB 6.5 before Interim Fix 6 does not properly initialize data structures, which allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a redundant WHERE condition.Show less
CVE-2011-4890 1Ibm 1Soliddb Apr 29, 2026 Feb 21, 2012 N/A· v4 N/A· v3 4.0 MEDIUM· v2 The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a ROWNUM condition involving a subquery.
CVE-2011-1208 1Ibm 1Soliddb Apr 29, 2026 May 5, 2011 N/A· v4 N/A· v3 7.8 HIGH· v2 IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3.x before 6.3 FP8 (aka 6.3.49), and 6.5.x before 6.5 FP4 (aka 6.5.0.4) does not properly handle the (1) rpc_test_svc_readwrite and (2) rpc_test_svc_do...Show more IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3.x before 6.3 FP8 (aka 6.3.49), and 6.5.x before 6.5 FP4 (aka 6.5.0.4) does not properly handle the (1) rpc_test_svc_readwrite and (2) rpc_test_svc_done commands, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted command.Show less
CVE-2011-1560 1Ibm 1Soliddb Apr 29, 2026 Apr 5, 2011 N/A· v4 N/A· v3 9.3 HIGH· v2 solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x and 6.3.x before 6.3.47, and 6.5.x before 6.5.0.3 uses a password-hash length specified by the client, which allows remote attackers to bypass authent...Show more solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x and 6.3.x before 6.3.47, and 6.5.x before 6.5.0.3 uses a password-hash length specified by the client, which allows remote attackers to bypass authentication via a short length value.Show less
CVE-2010-4057 1Ibm 1Soliddb Apr 29, 2026 Oct 23, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attac...Show more solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315.Show less
CVE-2010-4056 1Ibm 1Soliddb Apr 29, 2026 Oct 23, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial...Show more solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315.Show less
CVE-2010-4055 1Ibm 1Soliddb Apr 29, 2026 Oct 23, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attackers to cause a denial of service (memory consumption and daemon crash) by connecting to TCP port 1315 and sending a pack...Show more Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attackers to cause a denial of service (memory consumption and daemon crash) by connecting to TCP port 1315 and sending a packet with many integer fields, which trigger many recursive calls of a certain function.Show less
CVE-2010-2771 1Ibm 1Soliddb Apr 29, 2026 Jul 22, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.
CVE-2008-1708 1Ibm 1Soliddb Apr 23, 2026 Apr 9, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a packet with a large valu...Show more IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a packet with a large value in this field.Show less
CVE-2008-1707 1Ibm 1Soliddb Apr 23, 2026 Apr 9, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a packet with an 0x11 value in a certain "type" field.
CVE-2008-1706 1Ibm 1Soliddb Apr 23, 2026 Apr 9, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Uncontrolled array index in IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large value in a certain 32-bit field.
CVE-2008-1705 1Ibm 1Soliddb Apr 23, 2026 Apr 9, 2008 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) user name, (2) peer name, and possibly u...Show more Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) user name, (2) peer name, and possibly unspecified other fields.Show less