CVE-2025-36126

IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting XSS in Cognos Adminstration. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended...

CVE-2026-6052

IBM Db2 is vulnerable to memory exhaustion when executing certain queries involving MDC tables. Affected products and versions: IBM Db2 11.5.0–11.5.9 and 12.1.0–12.1.4. IBM’s advisory notes that mitigation includes applying interim special builds (V11.5.9 and V12.1.4) via Fix Central and avoiding...

PT-2026-43979

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.4 Description A denial of service can occur when a specially crafted query is executed using range partitioned tables. Recommendations At the moment, there is no...

IBM Db2 安全漏洞

IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.4 of IBM Db2 contain security vulnerabilities. These vulnerabilities arise from the use of range partition tables when special queries are executed, and could lead to denial-of-servic...

EUVD-2025-209930

IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting XSS in Cognos Adminstration. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended...

IBM Db2 日志信息泄露漏洞

IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.4 of IBM Db2 contain a vulnerability related to log information leakage. This vulnerability stems from the storage of potentially sensitive information in log files, which may allow...

DoS (Denial of Service) at jackson-core dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 12.0.0 and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N allows an...

CVE-2026-1577 IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

PT-2026-34577

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

Atlassian Bamboo Data Center 安全漏洞

Atlassian Bamboo Data Center is a continuous integration and delivery server software developed by the Australian company Atlassian. There is a security vulnerability in Atlassian Bamboo Data Center, which stems from OS command injection. This vulnerability may allow authenticated attackers to...

CVE-2026-21570

This High severity RCE Remote Code Execution vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.6, allows an authenticated attacker to execute...

PT-2026-25921

CVE: CVE-2026-21570 PT-Identifier: PT-2026-25921 Vendor: Atlassian Product: Bamboo Data Center CVSS: 8.6 Credits: n/a Description: This High severity RCE Remote Code Execution vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data...

RCE (Remote Code Execution) in Bamboo Data Center

This High severity RCE Remote Code Execution vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.6, allows an authenticated attacker to execute...

Linux Distros Unpatched Vulnerability : CVE-2026-1605

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding:...

PT-2026-23445

Name of the Vulnerable Software and Affected Versions Eclipse Jetty versions 12.0.0 through 12.0.31 Eclipse Jetty versions 12.1.0 through 12.1.5 Description Eclipse Jetty’s GzipHandler class has an issue where a memory leak occurs when processing a compressed HTTP request Content-Encoding: gzip...

Denial of Service Vulnerability in IBM Db2

IBM Db2 is a set of relational database management system developed by the United States International Business Machines IBM Corporation, and its main operating environments are UNIX including IBM's own AIX, Linux, IBM i formerly known as OS/400, z/OS, as well as Windows server versions. A denial...

CVE-2025-14689

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic with federated objects...

CVE-2025-36247

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memo...

CVE-2025-14689

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic with federated objects...

CVE-2025-36247

CVE-2025-36247 affects IBM Db2 for Linux/UNIX/Windows (including Db2 Connect Server) versions 11.5.0–11.5.9 and 12.1.0–12.1.3. The vulnerability is an XML External Entity (XXE) injection when processing XML data, enabling potential disclosure of sensitive information or memory resource consumptio...