The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of BDB

computer vulnerability alert CVE-2019-2708

Oracle Berkeley DB: denial of service via Data Store

Synthesis of the vulnerability

An attacker can trigger a fatal error via Data Store of Oracle Berkeley DB, in order to trigger a denial of service.
Impacted products: Berkeley DB.
Severity: 1/4.
Consequences: denial of service on service.
Provenance: user account.
Creation date: 17/04/2019.
Identifiers: cpuapr2019, CVE-2019-2708, VIGILANCE-VUL-29046.

Description of the vulnerability

An attacker can trigger a fatal error via Data Store of Oracle Berkeley DB, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert 26451

Berkeley DB: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Berkeley DB.
Impacted products: Berkeley DB.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: document.
Creation date: 18/06/2018.
Identifiers: VIGILANCE-VUL-26451.

Description of the vulnerability

An attacker can use several vulnerabilities of Berkeley DB.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-10140

Berkeley DB: privilege escalation via a DB_CONFIG file

Synthesis of the vulnerability

An attacker can bypass restrictions via DB_CONFIG of Berkeley DB, in order to escalate his privileges.
Impacted products: Debian, Exim, Fedora, Berkeley DB, Postfix, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: document.
Creation date: 14/06/2017.
Identifiers: CVE-2017-10140, DLA-1135-1, DLA-1136-1, DLA-1137-1, FEDORA-2017-014d67fa9d, FEDORA-2017-372bb1edb3, USN-3489-1, USN-3489-2, VIGILANCE-VUL-22972.

Description of the vulnerability

An attacker can create e DB_CONFIG file for Berkeley DB in the start forlder of a privileged process, in order to tamper with the database parameters.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-3604 CVE-2017-3605 CVE-2017-3606

Oracle Berkeley DB: vulnerabilities of April 2017

Synthesis of the vulnerability

Several vulnerabilities were announced in Oracle Berkeley DB.
Impacted products: Berkeley DB.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: user account.
Number of vulnerabilities in this bulletin: 14.
Creation date: 19/04/2017.
Identifiers: cpuapr2017, CVE-2017-3604, CVE-2017-3605, CVE-2017-3606, CVE-2017-3607, CVE-2017-3608, CVE-2017-3609, CVE-2017-3610, CVE-2017-3611, CVE-2017-3612, CVE-2017-3613, CVE-2017-3614, CVE-2017-3615, CVE-2017-3616, CVE-2017-3617, VIGILANCE-VUL-22490.

Description of the vulnerability

Several vulnerabilities were announced in Oracle Berkeley DB.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-0682 CVE-2016-0689 CVE-2016-0692

Oracle Berkeley DB: five vulnerabilities of April 2016

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Oracle Berkeley DB.
Impacted products: Berkeley DB.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading, data creation/edition, data deletion, denial of service on service, denial of service on client.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 5.
Creation date: 20/04/2016.
Identifiers: cpuapr2016, CVE-2016-0682, CVE-2016-0689, CVE-2016-0692, CVE-2016-0694, CVE-2016-3418, VIGILANCE-VUL-19419.

Description of the vulnerability

Several vulnerabilities were announced in Oracle Berkeley DB.

An attacker can use a vulnerability of DataStore, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-0682]

An attacker can use a vulnerability of DataStore, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-0689]

An attacker can use a vulnerability of DataStore, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-0692]

An attacker can use a vulnerability of DataStore, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-0694]

An attacker can use a vulnerability of DataStore, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2016-3418]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2015-2583 CVE-2015-2624 CVE-2015-2626

Oracle Berkeley DB: several vulnerabilities of July 2015

Synthesis of the vulnerability

Several vulnerabilities of Oracle Berkeley DB were announced in July 2015.
Impacted products: Berkeley DB.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 25.
Creation date: 15/07/2015.
Identifiers: CERTFR-2015-AVI-307, cpujul2015, CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2654, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4774, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4779, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE-2015-4784, CVE-2015-4785, CVE-2015-4786, CVE-2015-4787, CVE-2015-4788, CVE-2015-4789, CVE-2015-4790, VIGILANCE-VUL-17376.

Description of the vulnerability

Several vulnerabilities were announced in Oracle Berkeley DB.

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-2583]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-2626]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-2640]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-2654]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-2656]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4754]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-2624]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4784]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4787]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4789]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4785]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4786]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4783]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4764]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4780]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4790]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4776]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4775]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4778]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4777]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4782]

An attacker can use a vulnerability, in order to obtain information, to alter information, or to trigger a denial of service. [severity:2/4; CVE-2015-4781]

An attacker can use a vulnerability, in order to alter information, or to trigger a denial of service. [severity:1/4; CVE-2015-4788]

An attacker can use a vulnerability, in order to alter information, or to trigger a denial of service. [severity:1/4; CVE-2015-4774]

An attacker can use a vulnerability, in order to alter information, or to trigger a denial of service. [severity:1/4; CVE-2015-4779]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about BDB: