Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Db2 Universal Database Security Vulnerabilities

cve
cve

CVE-2007-1086

Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file...

6.3AI Score

0.0004EPSS

2007-02-23 10:28 PM
24
cve
cve

CVE-2006-4257

IBM DB2 Universal Database (UDB) before 8.1 FixPak 13 allows remote authenticated users to cause a denial of service (crash) by (1) sending the first ACCSEC command without an RDBNAM parameter during the CONNECT process, or (2) sending crafted SQLJRA packet, which results in a null...

6.1AI Score

0.084EPSS

2006-08-21 08:04 PM
23
cve
cve

CVE-2006-3066

Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a...

6.7AI Score

0.029EPSS

2006-06-19 10:02 AM
26
cve
cve

CVE-2006-3067

Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of...

7.5AI Score

0.066EPSS

2006-06-19 10:02 AM
18
cve
cve

CVE-2006-3068

IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending "incorrect information ... regarding the package name/creator," which leads to a "memory...

6.8AI Score

0.018EPSS

2006-06-19 10:02 AM
29
cve
cve

CVE-2005-0417

Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the...

6.8AI Score

0.003EPSS

2005-04-27 04:00 AM
22
cve
cve

CVE-2004-1372

Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile...

7.2AI Score

0.0004EPSS

2005-01-19 05:00 AM
23
cve
cve

CVE-2004-0795

DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named...

7.2AI Score

0.019EPSS

2004-10-20 04:00 AM
22
cve
cve

CVE-2003-1050

Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3)...

7.8AI Score

0.0004EPSS

2004-09-28 04:00 AM
23
cve
cve

CVE-2003-1051

Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3)...

7.7AI Score

0.0004EPSS

2004-09-28 04:00 AM
28
cve
cve

CVE-2003-1049

IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2...

6.5AI Score

0.0004EPSS

2004-09-28 04:00 AM
32
cve
cve

CVE-2003-1052

IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root...

7AI Score

0.001EPSS

2004-09-28 04:00 AM
18
cve
cve

CVE-2003-0836

Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD...

7.7AI Score

0.005EPSS

2003-11-17 05:00 AM
29
cve
cve

CVE-2003-0837

Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE...

7.8AI Score

0.008EPSS

2003-11-17 05:00 AM
20
cve
cve

CVE-2003-0898

IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2)...

6.8AI Score

0.0004EPSS

2003-11-17 05:00 AM
23
cve
cve

CVE-2003-0758

Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line...

6.7AI Score

0.0004EPSS

2003-10-06 04:00 AM
26
cve
cve

CVE-2003-0759

Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line...

6.7AI Score

0.0004EPSS

2003-10-06 04:00 AM
25
cve
cve

CVE-2003-0827

The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port...

6.5AI Score

0.004EPSS

2003-10-06 04:00 AM
21
cve
cve

CVE-2001-1143

IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port...

6.5AI Score

0.022EPSS

2002-03-15 05:00 AM
24
cve
cve

CVE-2001-0051

IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to gain access to the...

6.3AI Score

0.006EPSS

2001-02-16 05:00 AM
44
cve
cve

CVE-2001-0052

IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed...

6.6AI Score

0.001EPSS

2001-02-16 05:00 AM
26
Total number of security vulnerabilities71