firebirdsql

Top products

The 15 most recently published vulnerabilities affecting firebirdsql.

• CVE-2026-40342Firebird: Path Traversal + Arbitrary File Write Leads to Remote Code Execution9.9Apr 17, 2026
• CVE-2026-35215Firebird: DoS via malicious slice descriptor in slice packet7.5Apr 17, 2026
• CVE-2026-34232Firebird: DoS via `op_response` packet from client7.5Apr 17, 2026
• CVE-2026-33337Firebird has a buffer overflow when parsing corrupted slice packets7.5Apr 17, 2026
• CVE-2026-28224Firebird Null Pointer Dereference via CryptCallback causes DOS8.2Apr 17, 2026
• CVE-2026-28214Firebird server hangs when using specific clumplet on batch creation6.5Apr 17, 2026
• CVE-2026-27890Firebird has Pre-Auth DOS when Processing Out of Order CNCT_specific_data Segments8.2Apr 17, 2026
• CVE-2026-28212Firebird has potential server crash via null pointer dereference when processing op_slice packet7.5Apr 17, 2026
• CVE-2025-65104Firebird: Information leak vulnerability in firebird3 client when used with newer server7.9Apr 17, 2026
• CVE-2025-24975Firebird Non-Authorized Access to Encrypted Database Using Execute Statement on External7.1Aug 15, 2025
• CVE-2025-54989Firebird XDR Message Parsing NULL Pointer Dereference Denial-of-Service Vulnerability5.3Aug 15, 2025
• CVE-2023-41038Server crash when using specific form of SET BIND statement7.5Mar 20, 2024
• CVE-2017-11509An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement.8.8Mar 28, 2018
• CVE-2017-6369Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so.8.8Mar 24, 2017
• CVE-2016-1569FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter.6.5Jan 13, 2016