Product
orientdb
8 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2019-25449
CVE-2019-25448
CVE-2019-25447
CVE-2020-6230
CVE-2017-11467
CVE-2015-2918
CVE-2015-2913
CVE-2015-2912
all versions
OrientDB 3.0.17 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submi
all versions
OrientDB 3.0.17 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scrip
all versions
OrientDB 3.0.17 GA Community Edition contains cross-site request forgery vulnerabilities that allow attackers to perform unauthori
all versions
SAP OrientDB, version 3.0, allows an authenticated attacker with script execute/write permissions to inject code that can be execu
<= 2.2.22
OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remo
all versions
The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of F
all versions
server/network/protocol/http/OHttpSessionManager.java in the Studio component in OrientDB Server Community Edition before 2.0.15 a
<= 2.0.14
The JSONP endpoint in the Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not prop