This page lists publicly disclosed CVE vulnerabilities affecting ibm informix_dynamic_server (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-45675 | IBM Informix Dynamic Server 14.10 could allow a local user on the system to log into the Informix server as administrator without a password. | [email protected] | 8.4 | 0.09% | 2025-12-02 | 2025-12-03 |
| CVE-2024-49343 | IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. | [email protected] | 5.4 | 0.19% | 2025-07-28 | 2025-08-06 |
| CVE-2024-49342 | IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | [email protected] | 7.5 | 0.33% | 2025-07-28 | 2025-08-06 |
| CVE-2025-1991 | IBM Informix Dynamic Server 12.10,14.10, and15.0 could allow a remote attacker to cause a denial of service due to an integer underflow when processing packets. | [email protected] | 7.5 | 0.43% | 2025-06-28 | 2025-08-14 |
| CVE-2023-28527 | IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251206. | [email protected] | 6.2 | 0.23% | 2023-12-09 | 2024-11-21 |
| CVE-2023-28526 | IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a local user to cause a segmentation fault. IBM X-Force ID: 251204. | [email protected] | 6.2 | 0.23% | 2023-12-09 | 2024-11-21 |
| CVE-2023-28523 | IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 250753. | [email protected] | 8.4 | 0.29% | 2023-12-09 | 2024-11-21 |
| CVE-2021-20515 | IBM Informix Dynamic Server 14.10 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local privileged user could overflow a buffer and execute arbitrary code on the system or cause a denial of service condition. IBM X-Force ID: 198366. | [email protected] | 6.7 | 0.32% | 2021-04-30 | 2024-11-21 |
| CVE-2020-4799 | IBM Informix spatial 14.10 could allow a local user to execute commands as a privileged user due to an out of bounds write vulnerability. IBM X-Force ID: 189460. | [email protected] | 7.8 | 0.36% | 2020-10-08 | 2024-11-21 |
| CVE-2019-4253 | IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local privileged Informix user to load a malicious shared library and gain root access privileges. IBM X-Force ID: 159941. | [email protected] | 7.8 | 0.42% | 2019-08-20 | 2024-11-21 |
| CVE-2018-1796 | IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user to load malicious libraries and gain root privileges. IBM X-Force ID: 149426. | [email protected] | 7.8 | 0.36% | 2019-08-20 | 2024-11-21 |
| CVE-2018-1636 | Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. IBM X-Force ID: 144441. | [email protected] | 6.7 | 0.44% | 2019-08-20 | 2024-11-21 |
| CVE-2018-1635 | Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. IBM X-Force ID: 144439. | [email protected] | 6.7 | 0.44% | 2019-08-20 | 2024-11-21 |
| CVE-2018-1634 | IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in infos.DBSERVERNAME. IBM X-Force ID: 144437. | [email protected] | 6.7 | 0.42% | 2019-08-20 | 2024-11-21 |
| CVE-2018-1633 | IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onsrvapd. IBM X-Force ID: 144434. | [email protected] | 6.7 | 0.42% | 2019-08-20 | 2024-11-21 |
| CVE-2018-1632 | IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in .infxdirs. IBM X-Force ID: 144432. | [email protected] | 6.7 | 0.42% | 2019-08-20 | 2024-11-21 |
| CVE-2018-1631 | IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in oninit mongohash. IBM X-Force ID: 144431. | [email protected] | 6.7 | 0.42% | 2019-08-20 | 2024-11-21 |
| CVE-2018-1630 | IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onmode. IBM X-Force ID: 144430. | [email protected] | 6.7 | 0.42% | 2019-08-20 | 2024-11-21 |
| CVE-2017-1508 | IBM Informix Dynamic Server 12.1 could allow a local user logged in with database administrator user to gain root privileges. IBM X-Force ID: 129620. | [email protected] | 6.7 | 0.33% | 2017-09-13 | 2026-05-13 |
| CVE-2017-1310 | IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. Done enough times, this could use large parts of the file system and cause the server to crash. IBM X-Force ID: 125569. | [email protected] | 6.5 | 1.69% | 2017-06-29 | 2026-05-13 |