Rocketsoftware Unidata
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Rocketsoftware Unidata.
By the Year
In 2026 there have been 0 vulnerabilities in Rocketsoftware Unidata. Unidata did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 9 | 9.21 |
It may take a day or so for new Unidata vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Rocketsoftware Unidata Security Vulnerabilities
Heap Overflow in Rocket UniData <8.2.4 Build 3003 & UniVerse <11.3.5/12.2.1 Crash
CVE-2023-28508
8.8 - High
- March 29, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based overflow vulnerability, where certain input can corrupt the heap and crash the forked process.
Memory Corruption
Rocket UniData/UniVerse Prior 8.2.4 Memory Exhaustion via Decompression
CVE-2023-28507
9.8 - Critical
- March 29, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a memory-exhaustion issue, where a decompression routine will allocate increasing amounts of memory until all system memory is exhausted and the forked process crashes.
Resource Exhaustion
Rocket Software UniData<8.2.4 & UniVerse<11.3.5 Buffer Overflow
CVE-2023-28506
8.8 - High
- March 29, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a memcpy-like function and a user-provided length. This requires a valid login to exploit.
Memory Corruption
UniData/UniVerse Buffer Overflow in API Function (pre-8.2.4/pre-11.3.5)
CVE-2023-28505
8.8 - High
- March 29, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a buffer overflow in an API function, where a string is copied into a caller-provided buffer without checking the length. This requires a valid login to exploit.
Classic Buffer Overflow
Stack overrun in Rocket UniData<8.2.4 build3003 / UniVerse<11.3.5/12.2.1 RCE as root
CVE-2023-28504
9.8 - Critical
- March 29, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user.
Memory Corruption
Auth Bypass in Rocket UniData<8.2.4, UniVerse<11.3.5 via Custom User
CVE-2023-28503
9.8 - Critical
- March 29, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from an authentication bypass vulnerability, where a special username with a deterministic password can be leveraged to bypass authentication checks and execute OS commands as the root user.
authentification
Weak packet-level encryption in Rocket UniData <=8.2.4 (CVE202328509)
CVE-2023-28509
7.5 - High
- March 29, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 use weak encryption for packet-level security and passwords transferred on the wire.
Use of a Broken or Risky Cryptographic Algorithm
UniData/UniVerse udadmin Stack Overflow RCE (<=8.2.4,<=11.3.5,<=12.2.1)
CVE-2023-28502
9.8 - Critical
- March 29, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow in the "udadmin" service that can lead to remote code execution as the root user.
Memory Corruption
Rocket UniData/UniVerse <8.2.4 or <11.3.5 RCE via unirpcd buffer overflow
CVE-2023-28501
9.8 - Critical
- March 29, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based buffer overflow in the unirpcd daemon that, if successfully exploited, can lead to remote code execution as the root user.
Integer Overflow or Wraparound
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Rocketsoftware Unidata or by Rocketsoftware? Click the Watch button to subscribe.
