CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49343 – IBM Informix Dynamic Server HTML injection
https://notcve.org/view.php?id=CVE-2024-49343
28 Jul 2025 — IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM Informix Dynamic Server 12.10 y 14.10 es vulnerable a la inyección de HTML. Un atacante remoto podría inyectar código HTML malicioso que, al visualizarse, se ejecutaría en el navegador web de la víctima dentro del contexto de seguridad del sitio web que lo aloja. • https://www.ibm.com/support/pages/node/7240777 • CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49342 – IBM Informix Dynamic Server information disclosure
https://notcve.org/view.php?id=CVE-2024-49342
28 Jul 2025 — IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM Informix Dynamic Server 12.10 y 14.10 utiliza una configuración de bloqueo de cuenta inadecuada que podría permitir que un atacante remoto obtenga credenciales de cuenta por fuerza bruta. • https://www.ibm.com/support/pages/node/7240777 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-1991 – IBM Informix Dynamic Server denial of service
https://notcve.org/view.php?id=CVE-2025-1991
28 Jun 2025 — IBM Informix Dynamic Server 12.10,14.10, and15.0 could allow a remote attacker to cause a denial of service due to an integer underflow when processing packets. • https://www.ibm.com/support/pages/node/7238455 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-35895 – IBM Informix JDBC code execution
https://notcve.org/view.php?id=CVE-2023-35895
20 Dec 2023 — IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 259116. IBM Informix JDBC Driver 4.10 y 4.50 es susceptible a ataques de ejecución remota de código mediante inyección JNDI al pasar un argumento no marcado a una determinada API. ID de IBM X-Force: 259116. • https://exchange.xforce.ibmcloud.com/vulnerabilities/259116 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28523 – IBM Informix Dynamic Server buffer overflow
https://notcve.org/view.php?id=CVE-2023-28523
09 Dec 2023 — IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 250753. IBM Informix Dynamic Server 12.10 y 14.10 onsmsync es vulnerable a un desbordamiento de búfer de almacenamiento dinámico, causado por una verificación de los límites inadecuada que podría permitir a un atacante ejecutar código arbitrario. ID de IBM X-Force: 250753. • https://exchange.xforce.ibmcloud.com/vulnerabilities/250753 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28526 – IBM Informix Dynamic Server buffer overflow
https://notcve.org/view.php?id=CVE-2023-28526
09 Dec 2023 — IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251204. IBM Informix Dynamic Server 12.10 y 14.10 archecker es vulnerable a un desbordamiento de búfer de almacenamiento dinámico, causado por una verificación de los límites incorrecta que podría permitir que un usuario local cause un error de segmentación. ID de IBM X-Force: 251204. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251204 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28527 – IBM Informix Dynamic Server buffer overflow
https://notcve.org/view.php?id=CVE-2023-28527
09 Dec 2023 — IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251206. IBM Informix Dynamic Server 12.10 y 14.10 cdr es vulnerable a un desbordamiento de búfer de almacenamiento dinámico, causado por una verificación de los límites incorrecta que podría permitir que un usuario local cause un error de segmentación. ID de IBM X-Force: 251206. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251206 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27866 – IBM Informix JDBC code execution
https://notcve.org/view.php?id=CVE-2023-27866
28 Jun 2023 — IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to remote code execution attack via JNDI injection when driver code or the application using the driver do not verify supplied LDAP URL in Connect String. IBM X-Force ID: 249511. • https://exchange.xforce.ibmcloud.com/vulnerabilities/249511 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.7EPSS: 0%CPEs: 6EXPL: 0CVE-2021-20515
https://notcve.org/view.php?id=CVE-2021-20515
30 Apr 2021 — IBM Informix Dynamic Server 14.10 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local privileged user could overflow a buffer and execute arbitrary code on the system or cause a denial of service condition. IBM X-Force ID: 198366. IBM Informix Dynamic Server versión 14.10, es vulnerable a un desbordamiento del búfer en la región stack de la memoria, causado por una comprobación de límites inapropiada. Un usuario privilegiado local podría desbordar un búfer y ejec... • https://exchange.xforce.ibmcloud.com/vulnerabilities/198366 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4799 – IBM Informix spatial Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-4799
08 Oct 2020 — IBM Informix spatial 14.10 could allow a local user to execute commands as a privileged user due to an out of bounds write vulnerability. IBM X-Force ID: 189460. IBM Informix spatial versión 14.10, podría permitir a un usuario local ejecutar comandos como usuario privilegiado debido a una vulnerabilidad de escritura fuera de límites. IBM X-Force ID: 189460 This vulnerability allows local attackers to escalate privileges on affected installations of IBM Informix. An attacker must first obtain the abilit... • https://exchange.xforce.ibmcloud.com/vulnerabilities/189460 • CWE-787: Out-of-bounds Write •