Unidata

unidata

CVEs (9)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-28509 1Rocketsoftware 2Unidata Universe Feb 18, 2025 Mar 29, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 use weak encryption for packet-level security and passwords transferred on the wire.
CVE-2023-28508 1Rocketsoftware 2Unidata Universe Feb 18, 2025 Mar 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based overflow vulnerability, where certain input can corrupt the heap a...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based overflow vulnerability, where certain input can corrupt the heap and crash the forked process.Show less
CVE-2023-28507 1Rocketsoftware 2Unidata Universe Feb 18, 2025 Mar 29, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a memory-exhaustion issue, where a decompression routine will allocate increasi...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a memory-exhaustion issue, where a decompression routine will allocate increasing amounts of memory until all system memory is exhausted and the forked process crashes.Show less
CVE-2023-28506 1Rocketsoftware 2Unidata Universe Feb 18, 2025 Mar 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a m...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a memcpy-like function and a user-provided length. This requires a valid login to exploit.Show less
CVE-2023-28505 1Rocketsoftware 2Unidata Universe Feb 18, 2025 Mar 29, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a buffer overflow in an API function, where a string is copied into a caller-pr...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a buffer overflow in an API function, where a string is copied into a caller-provided buffer without checking the length. This requires a valid login to exploit.Show less
CVE-2023-28504 1Rocketsoftware 2Unidata Universe Feb 18, 2025 Mar 29, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the roo...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user.Show less
CVE-2023-28503 1Rocketsoftware 2Unidata Universe Feb 18, 2025 Mar 29, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from an authentication bypass vulnerability, where a special username with a determi...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from an authentication bypass vulnerability, where a special username with a deterministic password can be leveraged to bypass authentication checks and execute OS commands as the root user.Show less
CVE-2023-28502 1Rocketsoftware 2Unidata Universe Feb 18, 2025 Mar 29, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow in the "udadmin" service that can lead to remote...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow in the "udadmin" service that can lead to remote code execution as the root user.Show less
CVE-2023-28501 1Rocketsoftware 2Unidata Universe Feb 18, 2025 Mar 29, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based buffer overflow in the unirpcd daemon that, if successfully exploi...Show more Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based buffer overflow in the unirpcd daemon that, if successfully exploited, can lead to remote code execution as the root user.Show less